Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
jXtV6KO1A7.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files\Common Files\System\ado\en-US\Registry.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows Media Player\Media Renderer\RuntimeBroker.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Documents\hYMmOtYRdhDhf.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Pictures\hYMmOtYRdhDhf.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\hoedt554\hoedt554.cmdline
|
Unicode text, UTF-8 (with BOM) text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\Desktop\AUxWHHiO.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\AZuFUlyQ.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\BifwrcrL.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\DSJnFhkO.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\ESXfsmJN.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\FPynOmYI.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\FUwWbQoJ.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\GSXexQDE.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\IFbmiezC.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\LAruMjCr.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\LIbMrSdw.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\OCediSHm.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\PqilTgDk.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\PvfTgKTl.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\PySDyPdp.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\QjjbSXPj.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\UZaSZUPd.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\UrhkoqJf.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\UvHCLyMa.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\WcMBvDTY.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\WxtkghQV.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\bXOSCjJR.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\bsvBnNGP.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\cXcKpojQ.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\eDwAwSEJ.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\fNEJJgKL.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\fcnjtBSI.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\gXpAgXCG.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\iQFjSUoF.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\jBWHmcZz.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\jFwZJlcu.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\lyyPHcot.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\mHjHeUgp.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\nrNytZZs.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\ptzhOIen.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\pwmQgNor.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\rqbpkIti.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\sQKOYFFi.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\sefxVWpg.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\taSXmSLk.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\ugRfrFtb.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\upByWoUh.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\utbPtwXc.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\wetnNFIW.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\zXVOlHTT.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\zxAgkPgS.log
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Logs\CBS\hYMmOtYRdhDhf.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\System32\SecurityHealthSystray.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Common Files\System\ado\en-US\Registry.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\Common Files\System\ado\en-US\ee2ad38f3d4382
|
ASCII text, with very long lines (932), with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Media Player\Media Renderer\9e8d7a4ca61bd9
|
ASCII text, with very long lines (760), with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Media Player\Media Renderer\RuntimeBroker.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Public\Documents\23fc0d88861170
|
ASCII text, with very long lines (769), with no line terminators
|
dropped
|
||
|
C:\Users\Public\Documents\hYMmOtYRdhDhf.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Public\Pictures\23fc0d88861170
|
ASCII text, with very long lines (334), with no line terminators
|
dropped
|
||
|
C:\Users\Public\Pictures\hYMmOtYRdhDhf.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\RuntimeBroker.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\hYMmOtYRdhDhf.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\jXtV6KO1A7.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\2CPXfojCPJ
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\RESAFD2.tmp
|
Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x6ec, 10 symbols, created Sat Apr 20 04:37:10 2024,
1st section name ".debug$S"
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0bekgdi1.4lq.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0v53vaap.wh2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1blvv4yb.jeo.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1cqfkyaa.4b3.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2tarwi1u.wti.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_33knc5ss.j1z.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3gzqcoav.tqm.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3vj1yr3y.ok0.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3zyhtfhq.npo.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4h05pjmz.zwg.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4hql5z42.zec.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4salabig.cei.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5qpqdrg4.zwn.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_a1abstws.hbt.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ael1pako.vp2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ak2xlw32.uv3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ax5qrwna.jng.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bcbpwps1.4ja.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bzgqb0sk.nca.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cikbztlq.k2l.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ciobwaxa.ibs.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_clkupt02.ua4.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cmwmb2zc.pnm.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dawabxlt.ygr.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dc43jbxc.uzs.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dlug2blw.d40.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_emzyfzde.4iq.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ezrjbmix.nus.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_f3owzepf.cxi.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gnjt5imw.esm.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gpm4ezsn.1ad.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gsarkdgu.kmb.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gvzppiqa.kr2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_h15yqcdg.sqr.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_i2bkh1ot.ima.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_inn0f1zi.0yi.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_iwebwwdy.hm5.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_j33evzrr.okc.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_j3bpil1f.y4z.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jfe4cegu.kzv.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jk4cbuh3.t2o.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kbmpnnyi.wdm.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_levljmze.z31.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mcmlnl45.skz.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nlkvl0xj.v35.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ofixf0w5.4at.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pkgqrmhs.u40.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pkkwjehs.kur.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pluyswh3.mqy.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_po1ns30w.jtt.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pwnsnjce.5ul.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qfzwp4y2.ibs.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qhyj45p2.puq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rg5cgvks.mex.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sj4iarsk.vsw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sug20ehi.3qi.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_swqzo3gn.cgq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_t102uywa.nl4.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_t4dnavjd.mb5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_thz2lbeh.yre.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tikz3kvj.rs1.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tt0jhncp.vwz.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_txyhgyyv.d1p.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_udautaxk.2hi.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uijbarrw.kua.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wf2kzfdc.gy4.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wll1kl1o.kl3.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wqefpren.4cz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xbwmhl4r.uru.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xmbiupug.x0i.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_z4gap0gf.vck.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zhfsmmkm.efq.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\dlRCjeHhst.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\hoedt554\hoedt554.0.cs
|
C++ source, Unicode text, UTF-8 (with BOM) text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\hoedt554\hoedt554.out
|
Unicode text, UTF-8 (with BOM) text, with very long lines (329), with CRLF, CR line terminators
|
modified
|
||
|
C:\Users\user\Desktop\4f893074fe26e1
|
ASCII text, with very long lines (852), with no line terminators
|
dropped
|
||
|
C:\Windows\Logs\CBS\23fc0d88861170
|
ASCII text, with very long lines (325), with no line terminators
|
dropped
|
||
|
C:\Windows\Logs\CBS\hYMmOtYRdhDhf.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\System32\CSCDDA5522436C442998F7B48C7E6412627.TMP
|
MSVC .res
|
dropped
|
||
|
\Device\Null
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 139 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\jXtV6KO1A7.exe
|
"C:\Users\user\Desktop\jXtV6KO1A7.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
|
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\hoedt554\hoedt554.cmdline"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"powershell" -Command Add-MpPreference -ExclusionPath 'C:/'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"powershell" -Command Add-MpPreference -ExclusionPath 'C:/$Recycle.Bin/'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"powershell" -Command Add-MpPreference -ExclusionPath 'C:/$WinREAgent/'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"powershell" -Command Add-MpPreference -ExclusionPath 'C:/Documents and Settings/'
|
|
|
|
C:\Users\Public\Documents\hYMmOtYRdhDhf.exe
|
C:\Users\Public\Documents\hYMmOtYRdhDhf.exe
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"powershell" -Command Add-MpPreference -ExclusionPath 'C:/PerfLogs/'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"powershell" -Command Add-MpPreference -ExclusionPath 'C:/Program Files/'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"powershell" -Command Add-MpPreference -ExclusionPath 'C:/Program Files (x86)/'
|
|
|
|
C:\Users\Public\Documents\hYMmOtYRdhDhf.exe
|
C:\Users\Public\Documents\hYMmOtYRdhDhf.exe
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"powershell" -Command Add-MpPreference -ExclusionPath 'C:/ProgramData/'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"powershell" -Command Add-MpPreference -ExclusionPath 'C:/Recovery/'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"powershell" -Command Add-MpPreference -ExclusionPath 'C:/System Volume Information/'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"powershell" -Command Add-MpPreference -ExclusionPath 'C:/Users/'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"powershell" -Command Add-MpPreference -ExclusionPath 'C:/Windows/'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"powershell" -Command Add-MpPreference -ExclusionPath 'C:\Windows\Logs\CBS\hYMmOtYRdhDhf.exe'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"powershell" -Command Add-MpPreference -ExclusionPath 'C:\Program Files\Windows Media Player\Media Renderer\RuntimeBroker.exe'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"powershell" -Command Add-MpPreference -ExclusionPath 'C:\Users\All Users\Documents\My Pictures\hYMmOtYRdhDhf.exe'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"powershell" -Command Add-MpPreference -ExclusionPath 'C:\Program Files\Common Files\System\ado\en-US\Registry.exe'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"powershell" -Command Add-MpPreference -ExclusionPath 'C:\Users\Public\Documents\hYMmOtYRdhDhf.exe'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"powershell" -Command Add-MpPreference -ExclusionPath 'C:\Users\user\Desktop\jXtV6KO1A7.exe'
|
|
|
|
C:\Users\user\Desktop\jXtV6KO1A7.exe
|
C:\Users\user\Desktop\jXtV6KO1A7.exe
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /C "C:\Users\user\AppData\Local\Temp\dlRCjeHhst.bat"
|
|
|
|
C:\Users\user\Desktop\jXtV6KO1A7.exe
|
C:\Users\user\Desktop\jXtV6KO1A7.exe
|
|
|
|
C:\Program Files\Common Files\System\ado\en-US\Registry.exe
|
"C:\Program Files\Common Files\System\ado\en-US\Registry.exe"
|
|
|
|
C:\Program Files\Common Files\System\ado\en-US\Registry.exe
|
"C:\Program Files\Common Files\System\ado\en-US\Registry.exe"
|
|
|
|
C:\Program Files\Windows Media Player\Media Renderer\RuntimeBroker.exe
|
"C:\Program Files\Windows Media Player\Media Renderer\RuntimeBroker.exe"
|
|
|
|
C:\Program Files\Windows Media Player\Media Renderer\RuntimeBroker.exe
|
"C:\Program Files\Windows Media Player\Media Renderer\RuntimeBroker.exe"
|
|
|
|
C:\Windows\System32\PING.EXE
|
ping -n 10 localhost
|
|
|
|
C:\Users\Public\Documents\hYMmOtYRdhDhf.exe
|
"C:\Users\Public\Documents\hYMmOtYRdhDhf.exe"
|
|
|
|
C:\Users\Public\Documents\hYMmOtYRdhDhf.exe
|
"C:\Users\Public\Documents\hYMmOtYRdhDhf.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c "C:\Users\Public\Documents\hYMmOtYRdhDhf.exe"
|
|
|
|
C:\Users\Public\Documents\hYMmOtYRdhDhf.exe
|
C:\Users\Public\Documents\hYMmOtYRdhDhf.exe
|
|
|
|
C:\Program Files\Windows Media Player\Media Renderer\RuntimeBroker.exe
|
"C:\Program Files\Windows Media Player\Media Renderer\RuntimeBroker.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RESAFD2.tmp"
"c:\Windows\System32\CSCDDA5522436C442998F7B48C7E6412627.TMP"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\chcp.com
|
chcp 65001
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 49 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
hYMmOtYRdhDhf
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
hYMmOtYRdhDhf
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
RuntimeBroker
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
RuntimeBroker
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Registry
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
jXtV6KO1A7
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
jXtV6KO1A7
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
hYMmOtYRdhDhf
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
hYMmOtYRdhDhf
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
hYMmOtYRdhDhf
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
hYMmOtYRdhDhf
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\5980bc79849998ef92600d748429cc87266fa06e
|
bb3dd1e3fae7d28be46a538fd69028f725d9b30c
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.ApplicationCompany
|
There are 11 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
F82000
|
unkown
|
page readonly
|
|
|
|
1524F9000
|
stack
|
page read and write
|
||
|
1B7F0000
|
heap
|
page read and write
|
||
|
1413000
|
heap
|
page read and write
|
||
|
C4E73FE000
|
stack
|
page read and write
|
||
|
191D000
|
heap
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
26458554000
|
heap
|
page read and write
|
||
|
DE618FE000
|
stack
|
page read and write
|
||
|
830EDFB000
|
stack
|
page read and write
|
||
|
19CAE7E000
|
stack
|
page read and write
|
||
|
13E0E000
|
trusted library allocation
|
page read and write
|
||
|
147E000
|
heap
|
page read and write
|
||
|
26458750000
|
direct allocation
|
page read and write
|
||
|
144D6EE0000
|
heap
|
page read and write
|
||
|
2432E735000
|
heap
|
page read and write
|
||
|
2CA9000
|
trusted library allocation
|
page read and write
|
||
|
13EC0000
|
trusted library allocation
|
page read and write
|
||
|
74899CE000
|
stack
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
AC9348E000
|
stack
|
page read and write
|
||
|
4A5A879000
|
stack
|
page read and write
|
||
|
3EBD000
|
trusted library allocation
|
page read and write
|
||
|
32A1000
|
trusted library allocation
|
page read and write
|
||
|
3EDB000
|
trusted library allocation
|
page read and write
|
||
|
C4E6BAF000
|
unkown
|
page read and write
|
||
|
6836F78000
|
stack
|
page read and write
|
||
|
FD8000
|
heap
|
page read and write
|
||
|
13C98000
|
trusted library allocation
|
page read and write
|
||
|
2C01000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
20A58620000
|
heap
|
page read and write
|
||
|
10B5000
|
heap
|
page read and write
|
||
|
13A45000
|
trusted library allocation
|
page read and write
|
||
|
4A5A5FE000
|
stack
|
page read and write
|
||
|
DE61EBC000
|
stack
|
page read and write
|
||
|
3EC9000
|
trusted library allocation
|
page read and write
|
||
|
2200260D000
|
heap
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
6BE310E000
|
stack
|
page read and write
|
||
|
1BA4F000
|
heap
|
page read and write
|
||
|
13A5B000
|
trusted library allocation
|
page read and write
|
||
|
2EDC000
|
trusted library allocation
|
page read and write
|
||
|
8DEEC38000
|
stack
|
page read and write
|
||
|
134F2000
|
trusted library allocation
|
page read and write
|
||
|
28D0339000
|
stack
|
page read and write
|
||
|
20A58705000
|
heap
|
page read and write
|
||
|
22661A92000
|
heap
|
page read and write
|
||
|
1B84F000
|
stack
|
page read and write
|
||
|
209241E0000
|
heap
|
page read and write
|
||
|
1038000
|
heap
|
page read and write
|
||
|
2432E8C0000
|
trusted library section
|
page read and write
|
||
|
16FE000
|
stack
|
page read and write
|
||
|
22A39D4B000
|
heap
|
page read and write
|
||
|
1CCE000
|
stack
|
page read and write
|
||
|
18D0000
|
heap
|
page read and write
|
||
|
13D6C000
|
trusted library allocation
|
page read and write
|
||
|
6BE2439000
|
stack
|
page read and write
|
||
|
201C0BA0000
|
heap
|
page read and write
|
||
|
14278000
|
trusted library allocation
|
page read and write
|
||
|
15257E000
|
stack
|
page read and write
|
||
|
263FC7E000
|
stack
|
page read and write
|
||
|
206E08C1000
|
heap
|
page read and write
|
||
|
2092430C000
|
heap
|
page read and write
|
||
|
3522000
|
unkown
|
page readonly
|
||
|
830EAF9000
|
stack
|
page read and write
|
||
|
22CDEC35000
|
heap
|
page read and write
|
||
|
7FFD9B788000
|
trusted library allocation
|
page read and write
|
||
|
22401C40000
|
heap
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
22A39D5D000
|
heap
|
page read and write
|
||
|
AA5A73C000
|
stack
|
page read and write
|
||
|
1D180001000
|
trusted library allocation
|
page read and write
|
||
|
1D22000
|
unkown
|
page readonly
|
||
|
1304E8C0000
|
trusted library allocation
|
page read and write
|
||
|
14C64C90000
|
trusted library allocation
|
page read and write
|
||
|
1BCE000
|
stack
|
page read and write
|
||
|
22CE06F5000
|
heap
|
page read and write
|
||
|
2200261B000
|
heap
|
page read and write
|
||
|
201C0BB8000
|
heap
|
page read and write
|
||
|
1CB5B4D0000
|
heap
|
page read and write
|
||
|
1ABD1E59000
|
heap
|
page read and write
|
||
|
100A000
|
heap
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
13B35000
|
trusted library allocation
|
page read and write
|
||
|
E34000
|
heap
|
page read and write
|
||
|
2DDA000
|
trusted library allocation
|
page read and write
|
||
|
28D017D000
|
stack
|
page read and write
|
||
|
1BA44000
|
heap
|
page read and write
|
||
|
1AAD6263000
|
heap
|
page read and write
|
||
|
209262D0000
|
trusted library allocation
|
page read and write
|
||
|
C4E6B23000
|
stack
|
page read and write
|
||
|
B605BCE000
|
stack
|
page read and write
|
||
|
144B9000
|
trusted library allocation
|
page read and write
|
||
|
1CB5CCF0000
|
trusted library allocation
|
page read and write
|
||
|
206E0A20000
|
heap
|
page read and write
|
||
|
26458554000
|
heap
|
page read and write
|
||
|
18F1000
|
heap
|
page read and write
|
||
|
3533000
|
heap
|
page execute and read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D9F000
|
stack
|
page read and write
|
||
|
13F5D000
|
trusted library allocation
|
page read and write
|
||
|
22CDEBD0000
|
heap
|
page read and write
|
||
|
2B200BBF000
|
trusted library allocation
|
page read and write
|
||
|
1400F000
|
trusted library allocation
|
page read and write
|
||
|
CE2000
|
stack
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
AA5A3FE000
|
stack
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
28D063B000
|
stack
|
page read and write
|
||
|
13CE5000
|
trusted library allocation
|
page read and write
|
||
|
216B2F35000
|
heap
|
page read and write
|
||
|
14F6000
|
heap
|
page read and write
|
||
|
B604BFE000
|
stack
|
page read and write
|
||
|
2645AF60000
|
direct allocation
|
page read and write
|
||
|
26406CE000
|
stack
|
page read and write
|
||
|
4A5AA7E000
|
stack
|
page read and write
|
||
|
143D000
|
heap
|
page read and write
|
||
|
15217F000
|
unkown
|
page read and write
|
||
|
B604D78000
|
stack
|
page read and write
|
||
|
7FFD9B764000
|
trusted library allocation
|
page read and write
|
||
|
AA5A37A000
|
stack
|
page read and write
|
||
|
4A5B64E000
|
stack
|
page read and write
|
||
|
13F07000
|
trusted library allocation
|
page read and write
|
||
|
5BF2EFD000
|
stack
|
page read and write
|
||
|
6836A7E000
|
unkown
|
page read and write
|
||
|
264586BB000
|
direct allocation
|
page read and write
|
||
|
1CB5B2C8000
|
heap
|
page read and write
|
||
|
1810000
|
trusted library allocation
|
page read and write
|
||
|
6BE1E73000
|
stack
|
page read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
E2D000
|
heap
|
page read and write
|
||
|
141B4000
|
trusted library allocation
|
page read and write
|
||
|
14C651B0000
|
heap
|
page execute and read and write
|
||
|
DE61B79000
|
stack
|
page read and write
|
||
|
DE62B8C000
|
stack
|
page read and write
|
||
|
3C17000
|
trusted library allocation
|
page read and write
|
||
|
1502000
|
heap
|
page read and write
|
||
|
20925B60000
|
heap
|
page readonly
|
||
|
75FE70C000
|
stack
|
page read and write
|
||
|
4A5A97B000
|
stack
|
page read and write
|
||
|
1D32000
|
unkown
|
page readonly
|
||
|
22A3BAE3000
|
heap
|
page read and write
|
||
|
26458568000
|
heap
|
page read and write
|
||
|
20A5871D000
|
heap
|
page read and write
|
||
|
7FFD9B919000
|
trusted library allocation
|
page read and write
|
||
|
1BA56000
|
heap
|
page read and write
|
||
|
2645AEDF000
|
direct allocation
|
page read and write
|
||
|
7488F7C000
|
stack
|
page read and write
|
||
|
6837C4E000
|
stack
|
page read and write
|
||
|
6BE23B8000
|
stack
|
page read and write
|
||
|
1313000
|
heap
|
page read and write
|
||
|
22401D80000
|
heap
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
1AAD7E70000
|
trusted library allocation
|
page read and write
|
||
|
264584FD000
|
heap
|
page read and write
|
||
|
28D1089000
|
stack
|
page read and write
|
||
|
12D80000
|
trusted library allocation
|
page read and write
|
||
|
2EE2000
|
trusted library allocation
|
page read and write
|
||
|
19B0000
|
trusted library allocation
|
page read and write
|
||
|
3BE3000
|
trusted library allocation
|
page read and write
|
||
|
226638F0000
|
heap
|
page read and write
|
||
|
263F30F000
|
unkown
|
page read and write
|
||
|
206E08B1000
|
heap
|
page read and write
|
||
|
22661BE0000
|
heap
|
page read and write
|
||
|
28CFBF3000
|
stack
|
page read and write
|
||
|
13B5A000
|
trusted library allocation
|
page read and write
|
||
|
1AAD7EA0000
|
trusted library allocation
|
page read and write
|
||
|
1ABD01F0000
|
trusted library allocation
|
page read and write
|
||
|
2645856E000
|
heap
|
page read and write
|
||
|
20925C55000
|
heap
|
page read and write
|
||
|
1ABD2277000
|
trusted library allocation
|
page read and write
|
||
|
209242F6000
|
heap
|
page read and write
|
||
|
8DEE55F000
|
unkown
|
page read and write
|
||
|
1ABD01B0000
|
heap
|
page read and write
|
||
|
263F6F9000
|
stack
|
page read and write
|
||
|
20926335000
|
trusted library allocation
|
page read and write
|
||
|
31F0000
|
heap
|
page execute and read and write
|
||
|
1BEFE000
|
stack
|
page read and write
|
||
|
139E9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B778000
|
trusted library allocation
|
page read and write
|
||
|
AA5B54C000
|
stack
|
page read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
2DE6000
|
trusted library allocation
|
page read and write
|
||
|
2E3B000
|
trusted library allocation
|
page read and write
|
||
|
216B2D80000
|
heap
|
page read and write
|
||
|
3F61000
|
trusted library allocation
|
page read and write
|
||
|
1AAD6300000
|
heap
|
page read and write
|
||
|
1304EE30000
|
trusted library allocation
|
page read and write
|
||
|
1BDFE000
|
stack
|
page read and write
|
||
|
3C41000
|
trusted library allocation
|
page read and write
|
||
|
191F000
|
stack
|
page read and write
|
||
|
22CDEBC0000
|
heap
|
page read and write
|
||
|
15350E000
|
stack
|
page read and write
|
||
|
20926345000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
20925B70000
|
trusted library allocation
|
page read and write
|
||
|
20925BE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
FC6000
|
unkown
|
page readonly
|
||
|
31C0000
|
heap
|
page read and write
|
||
|
22CDEC80000
|
trusted library allocation
|
page read and write
|
||
|
3AB8000
|
trusted library allocation
|
page read and write
|
||
|
C4E72FE000
|
stack
|
page read and write
|
||
|
20A5A0C0000
|
trusted library allocation
|
page read and write
|
||
|
75FE58D000
|
stack
|
page read and write
|
||
|
6BE22BE000
|
stack
|
page read and write
|
||
|
22CDECCB000
|
heap
|
page read and write
|
||
|
1ABD0120000
|
heap
|
page read and write
|
||
|
14C63490000
|
heap
|
page read and write
|
||
|
5BF2F79000
|
stack
|
page read and write
|
||
|
16DE000
|
stack
|
page read and write
|
||
|
22A39D41000
|
heap
|
page read and write
|
||
|
1943000
|
heap
|
page read and write
|
||
|
5BF323E000
|
stack
|
page read and write
|
||
|
3F07000
|
trusted library allocation
|
page read and write
|
||
|
1304CEA3000
|
heap
|
page read and write
|
||
|
7FFD9B762000
|
trusted library allocation
|
page read and write
|
||
|
1475000
|
heap
|
page read and write
|
||
|
22663AE1000
|
trusted library allocation
|
page read and write
|
||
|
26458780000
|
heap
|
page read and write
|
||
|
7488DFF000
|
stack
|
page read and write
|
||
|
2EE6000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
216B3030000
|
heap
|
page readonly
|
||
|
243300C0000
|
heap
|
page readonly
|
||
|
1ABD209E000
|
trusted library allocation
|
page read and write
|
||
|
8DEEDBE000
|
stack
|
page read and write
|
||
|
2645854F000
|
heap
|
page read and write
|
||
|
DE61E3A000
|
stack
|
page read and write
|
||
|
13D8E000
|
trusted library allocation
|
page read and write
|
||
|
1AAD6200000
|
heap
|
page read and write
|
||
|
7488E7C000
|
stack
|
page read and write
|
||
|
1304CE68000
|
heap
|
page read and write
|
||
|
B604E7B000
|
stack
|
page read and write
|
||
|
167C000
|
heap
|
page read and write
|
||
|
6836E77000
|
stack
|
page read and write
|
||
|
1ABD0255000
|
heap
|
page read and write
|
||
|
22A39D3F000
|
heap
|
page read and write
|
||
|
14198000
|
trusted library allocation
|
page read and write
|
||
|
264584D9000
|
heap
|
page read and write
|
||
|
220026D0000
|
heap
|
page execute and read and write
|
||
|
19CB23F000
|
stack
|
page read and write
|
||
|
7FFD9B7CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
264586A7000
|
direct allocation
|
page read and write
|
||
|
28CFFF9000
|
stack
|
page read and write
|
||
|
140A6000
|
trusted library allocation
|
page read and write
|
||
|
AC9263E000
|
stack
|
page read and write
|
||
|
216B3000000
|
trusted library allocation
|
page read and write
|
||
|
1AAD7E60000
|
heap
|
page readonly
|
||
|
19CBE0E000
|
stack
|
page read and write
|
||
|
100C000
|
heap
|
page read and write
|
||
|
18F4000
|
heap
|
page read and write
|
||
|
13371000
|
trusted library allocation
|
page read and write
|
||
|
22661A2D000
|
heap
|
page read and write
|
||
|
220042C4000
|
heap
|
page read and write
|
||
|
14C63338000
|
heap
|
page read and write
|
||
|
2432E670000
|
heap
|
page read and write
|
||
|
6BE1F7F000
|
stack
|
page read and write
|
||
|
1658000
|
heap
|
page read and write
|
||
|
20926368000
|
trusted library allocation
|
page read and write
|
||
|
22663D06000
|
trusted library allocation
|
page read and write
|
||
|
3EE5000
|
trusted library allocation
|
page read and write
|
||
|
4A5B84C000
|
stack
|
page read and write
|
||
|
20924270000
|
heap
|
page read and write
|
||
|
1422000
|
heap
|
page read and write
|
||
|
8DEEA7D000
|
stack
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
E75000
|
heap
|
page read and write
|
||
|
2645AEE0000
|
direct allocation
|
page read and write
|
||
|
1CB5D321000
|
trusted library allocation
|
page read and write
|
||
|
C4E74BE000
|
stack
|
page read and write
|
||
|
5BF2C7F000
|
stack
|
page read and write
|
||
|
201C355D000
|
trusted library allocation
|
page read and write
|
||
|
20A58723000
|
heap
|
page read and write
|
||
|
E3D000
|
heap
|
page read and write
|
||
|
6836FFF000
|
stack
|
page read and write
|
||
|
201C2460000
|
heap
|
page execute and read and write
|
||
|
1CB5D2B0000
|
heap
|
page execute and read and write
|
||
|
2645856E000
|
heap
|
page read and write
|
||
|
26458520000
|
heap
|
page read and write
|
||
|
1AC5000
|
heap
|
page read and write
|
||
|
14DE000
|
heap
|
page read and write
|
||
|
7FFD9B964000
|
trusted library allocation
|
page read and write
|
||
|
14C63330000
|
heap
|
page read and write
|
||
|
1ABD0160000
|
trusted library allocation
|
page read and write
|
||
|
7FF489A50000
|
trusted library allocation
|
page execute and read and write
|
||
|
263F87E000
|
stack
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
6837CC7000
|
stack
|
page read and write
|
||
|
6E2000
|
stack
|
page read and write
|
||
|
AC92379000
|
stack
|
page read and write
|
||
|
22661A97000
|
heap
|
page read and write
|
||
|
1304EE10000
|
heap
|
page execute and read and write
|
||
|
7FFD9B8B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
13EBE000
|
trusted library allocation
|
page read and write
|
||
|
75FE78E000
|
stack
|
page read and write
|
||
|
15293E000
|
stack
|
page read and write
|
||
|
68367EE000
|
stack
|
page read and write
|
||
|
1CB5B2A0000
|
heap
|
page read and write
|
||
|
22A39DD0000
|
heap
|
page read and write
|
||
|
20925C50000
|
heap
|
page read and write
|
||
|
6BE24BE000
|
stack
|
page read and write
|
||
|
20A58729000
|
heap
|
page read and write
|
||
|
2C1E000
|
stack
|
page read and write
|
||
|
5BF3E8D000
|
stack
|
page read and write
|
||
|
1620000
|
heap
|
page read and write
|
||
|
1CB5B4C5000
|
heap
|
page read and write
|
||
|
DE61F3E000
|
stack
|
page read and write
|
||
|
3530000
|
heap
|
page execute and read and write
|
||
|
75FD7B6000
|
stack
|
page read and write
|
||
|
17F0000
|
trusted library allocation
|
page read and write
|
||
|
13FA4000
|
trusted library allocation
|
page read and write
|
||
|
1408000
|
heap
|
page read and write
|
||
|
226638D0000
|
heap
|
page execute and read and write
|
||
|
8DEEAF9000
|
stack
|
page read and write
|
||
|
22A3BEE5000
|
trusted library allocation
|
page read and write
|
||
|
226619D0000
|
heap
|
page read and write
|
||
|
15267D000
|
stack
|
page read and write
|
||
|
3F45000
|
trusted library allocation
|
page read and write
|
||
|
1AAD626B000
|
heap
|
page read and write
|
||
|
6BE207A000
|
stack
|
page read and write
|
||
|
8DEED3E000
|
stack
|
page read and write
|
||
|
220026F0000
|
trusted library allocation
|
page read and write
|
||
|
13978000
|
trusted library allocation
|
page read and write
|
||
|
4A5B7CD000
|
stack
|
page read and write
|
||
|
AC93307000
|
stack
|
page read and write
|
||
|
7FFD9B7CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
263FB7E000
|
stack
|
page read and write
|
||
|
4A5ABFF000
|
stack
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
24330090000
|
trusted library allocation
|
page read and write
|
||
|
14C6338D000
|
heap
|
page read and write
|
||
|
2645AF20000
|
direct allocation
|
page read and write
|
||
|
7FFD9B993000
|
trusted library allocation
|
page read and write
|
||
|
C4E814C000
|
stack
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
2645855A000
|
heap
|
page read and write
|
||
|
13D48000
|
trusted library allocation
|
page read and write
|
||
|
1CB5B2C0000
|
heap
|
page read and write
|
||
|
5BF3D8E000
|
stack
|
page read and write
|
||
|
15370E000
|
stack
|
page read and write
|
||
|
33A212C000
|
stack
|
page read and write
|
||
|
14D4000
|
heap
|
page read and write
|
||
|
226619F5000
|
heap
|
page read and write
|
||
|
2645AF00000
|
direct allocation
|
page read and write
|
||
|
3520000
|
unkown
|
page readonly
|
||
|
4A5B6CE000
|
stack
|
page read and write
|
||
|
22663770000
|
heap
|
page readonly
|
||
|
22A39D08000
|
heap
|
page read and write
|
||
|
243308B6000
|
trusted library allocation
|
page read and write
|
||
|
13E32000
|
trusted library allocation
|
page read and write
|
||
|
13B96000
|
trusted library allocation
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
1304E8B0000
|
heap
|
page execute and read and write
|
||
|
8DEEF3B000
|
stack
|
page read and write
|
||
|
14136000
|
trusted library allocation
|
page read and write
|
||
|
1CB5D2E7000
|
heap
|
page execute and read and write
|
||
|
3E73000
|
trusted library allocation
|
page read and write
|
||
|
139E5000
|
trusted library allocation
|
page read and write
|
||
|
75FD93E000
|
stack
|
page read and write
|
||
|
1AC30000
|
trusted library allocation
|
page read and write
|
||
|
13FD6000
|
trusted library allocation
|
page read and write
|
||
|
8DEE97F000
|
stack
|
page read and write
|
||
|
1451000
|
heap
|
page read and write
|
||
|
1404F000
|
trusted library allocation
|
page read and write
|
||
|
1B602000
|
heap
|
page read and write
|
||
|
13D11000
|
trusted library allocation
|
page read and write
|
||
|
13CC8000
|
trusted library allocation
|
page read and write
|
||
|
E0688FF000
|
stack
|
page read and write
|
||
|
19CBF8C000
|
stack
|
page read and write
|
||
|
2645AF45000
|
direct allocation
|
page read and write
|
||
|
7FFD9B974000
|
trusted library allocation
|
page read and write
|
||
|
1304CEE8000
|
heap
|
page read and write
|
||
|
AA5B5CE000
|
stack
|
page read and write
|
||
|
20A5A858000
|
trusted library allocation
|
page read and write
|
||
|
13EC5000
|
trusted library allocation
|
page read and write
|
||
|
C4E70FD000
|
stack
|
page read and write
|
||
|
E7C000
|
heap
|
page read and write
|
||
|
144D6CE0000
|
heap
|
page read and write
|
||
|
75FD47E000
|
stack
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
144D6DC0000
|
heap
|
page read and write
|
||
|
1302000
|
heap
|
page read and write
|
||
|
2432E6F3000
|
heap
|
page read and write
|
||
|
B6047DE000
|
stack
|
page read and write
|
||
|
1ABCFFE0000
|
heap
|
page read and write
|
||
|
1304CE10000
|
heap
|
page read and write
|
||
|
1AAD7F10000
|
heap
|
page read and write
|
||
|
2C90000
|
heap
|
page execute and read and write
|
||
|
1CB5B3B8000
|
heap
|
page read and write
|
||
|
13EF6000
|
trusted library allocation
|
page read and write
|
||
|
152B3B000
|
stack
|
page read and write
|
||
|
3371000
|
trusted library allocation
|
page read and write
|
||
|
2C09000
|
trusted library allocation
|
page read and write
|
||
|
22CDECAD000
|
heap
|
page read and write
|
||
|
1ABD0250000
|
heap
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
20A5A8C5000
|
trusted library allocation
|
page read and write
|
||
|
22CE0620000
|
heap
|
page readonly
|
||
|
11880001000
|
trusted library allocation
|
page read and write
|
||
|
4A5B747000
|
stack
|
page read and write
|
||
|
22002795000
|
heap
|
page read and write
|
||
|
12DA1000
|
trusted library allocation
|
page read and write
|
||
|
1675000
|
heap
|
page read and write
|
||
|
26458689000
|
direct allocation
|
page read and write
|
||
|
4A5A4FF000
|
unkown
|
page read and write
|
||
|
DE61BBE000
|
stack
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
22A3BD45000
|
trusted library allocation
|
page read and write
|
||
|
3F39000
|
trusted library allocation
|
page read and write
|
||
|
209261B7000
|
heap
|
page execute and read and write
|
||
|
13464000
|
trusted library allocation
|
page read and write
|
||
|
12C11000
|
trusted library allocation
|
page read and write
|
||
|
DE61D3E000
|
stack
|
page read and write
|
||
|
AC9273E000
|
stack
|
page read and write
|
||
|
7488BF7000
|
stack
|
page read and write
|
||
|
68370FC000
|
stack
|
page read and write
|
||
|
8DEE4D3000
|
stack
|
page read and write
|
||
|
1ABD21C1000
|
trusted library allocation
|
page read and write
|
||
|
3560000
|
unkown
|
page readonly
|
||
|
14C63460000
|
heap
|
page read and write
|
||
|
2A69000
|
heap
|
page read and write
|
||
|
26458525000
|
heap
|
page read and write
|
||
|
3F1D000
|
trusted library allocation
|
page read and write
|
||
|
14F9000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
201C2810000
|
trusted library allocation
|
page read and write
|
||
|
3267000
|
heap
|
page read and write
|
||
|
3F2F000
|
trusted library allocation
|
page read and write
|
||
|
139A9000
|
trusted library allocation
|
page read and write
|
||
|
DE62C0E000
|
stack
|
page read and write
|
||
|
220026E0000
|
heap
|
page readonly
|
||
|
263FA79000
|
stack
|
page read and write
|
||
|
1980000
|
heap
|
page read and write
|
||
|
16B4000
|
heap
|
page read and write
|
||
|
1D50000
|
unkown
|
page readonly
|
||
|
14118000
|
trusted library allocation
|
page read and write
|
||
|
1ABD0084000
|
heap
|
page read and write
|
||
|
1CB5B3B6000
|
heap
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
24330715000
|
trusted library allocation
|
page read and write
|
||
|
8DEFB0C000
|
stack
|
page read and write
|
||
|
220025C0000
|
trusted library allocation
|
page read and write
|
||
|
6BE253F000
|
stack
|
page read and write
|
||
|
5BF333E000
|
stack
|
page read and write
|
||
|
2F86000
|
trusted library allocation
|
page read and write
|
||
|
3F05000
|
trusted library allocation
|
page read and write
|
||
|
216B2E60000
|
heap
|
page read and write
|
||
|
1ABD0008000
|
heap
|
page read and write
|
||
|
22CDED12000
|
heap
|
page read and write
|
||
|
8DEFA07000
|
stack
|
page read and write
|
||
|
1AAD6220000
|
heap
|
page read and write
|
||
|
13C90000
|
trusted library allocation
|
page read and write
|
||
|
2A67000
|
heap
|
page read and write
|
||
|
1304E9B5000
|
heap
|
page read and write
|
||
|
19CBF07000
|
stack
|
page read and write
|
||
|
12CA7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78C000
|
trusted library allocation
|
page read and write
|
||
|
22002420000
|
heap
|
page read and write
|
||
|
14055000
|
trusted library allocation
|
page read and write
|
||
|
22661A54000
|
heap
|
page read and write
|
||
|
10A5000
|
heap
|
page read and write
|
||
|
13D28000
|
trusted library allocation
|
page read and write
|
||
|
144C7000
|
trusted library allocation
|
page read and write
|
||
|
13F43000
|
trusted library allocation
|
page read and write
|
||
|
216B2F2D000
|
heap
|
page read and write
|
||
|
1AAD60B0000
|
heap
|
page read and write
|
||
|
14C63429000
|
heap
|
page read and write
|
||
|
7488D7E000
|
stack
|
page read and write
|
||
|
75FE607000
|
stack
|
page read and write
|
||
|
22CDECD1000
|
heap
|
page read and write
|
||
|
20924338000
|
heap
|
page read and write
|
||
|
DE615CF000
|
unkown
|
page read and write
|
||
|
1CE0000
|
unkown
|
page readonly
|
||
|
1D00000
|
unkown
|
page readonly
|
||
|
1ABD005D000
|
heap
|
page read and write
|
||
|
2432E70D000
|
heap
|
page read and write
|
||
|
20924200000
|
heap
|
page read and write
|
||
|
22004460000
|
heap
|
page read and write
|
||
|
11880084000
|
trusted library allocation
|
page read and write
|
||
|
22E80225000
|
trusted library allocation
|
page read and write
|
||
|
20A58766000
|
heap
|
page read and write
|
||
|
26458730000
|
direct allocation
|
page read and write
|
||
|
7FFD9B99D000
|
trusted library allocation
|
page read and write
|
||
|
22004471000
|
trusted library allocation
|
page read and write
|
||
|
1ABD01B5000
|
heap
|
page read and write
|
||
|
1D30000
|
unkown
|
page readonly
|
||
|
141ED000
|
trusted library allocation
|
page read and write
|
||
|
B604EFA000
|
stack
|
page read and write
|
||
|
13744000
|
trusted library allocation
|
page read and write
|
||
|
13B2F000
|
trusted library allocation
|
page read and write
|
||
|
2B200225000
|
trusted library allocation
|
page read and write
|
||
|
35E0000
|
unkown
|
page readonly
|
||
|
41729BE000
|
stack
|
page read and write
|
||
|
7489B4D000
|
stack
|
page read and write
|
||
|
2ECC000
|
trusted library allocation
|
page read and write
|
||
|
1429A000
|
trusted library allocation
|
page read and write
|
||
|
14C65240000
|
heap
|
page execute and read and write
|
||
|
1CB5B2FE000
|
heap
|
page read and write
|
||
|
AA5A8BC000
|
stack
|
page read and write
|
||
|
13B3B000
|
trusted library allocation
|
page read and write
|
||
|
3F27000
|
trusted library allocation
|
page read and write
|
||
|
1AAD83FA000
|
trusted library allocation
|
page read and write
|
||
|
18B6000
|
heap
|
page read and write
|
||
|
2B200D6A000
|
trusted library allocation
|
page read and write
|
||
|
13B02000
|
trusted library allocation
|
page read and write
|
||
|
209262B1000
|
trusted library allocation
|
page read and write
|
||
|
75FD73E000
|
stack
|
page read and write
|
||
|
206E08C1000
|
heap
|
page read and write
|
||
|
24330680000
|
heap
|
page execute and read and write
|
||
|
220027D5000
|
heap
|
page read and write
|
||
|
12CA1000
|
trusted library allocation
|
page read and write
|
||
|
1499000
|
heap
|
page read and write
|
||
|
140FB000
|
trusted library allocation
|
page read and write
|
||
|
13E04000
|
trusted library allocation
|
page read and write
|
||
|
143F000
|
heap
|
page read and write
|
||
|
830EA77000
|
stack
|
page read and write
|
||
|
1CB5CD10000
|
trusted library allocation
|
page read and write
|
||
|
2ED5000
|
trusted library allocation
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
1ABD00E5000
|
heap
|
page read and write
|
||
|
22A3BAC0000
|
trusted library allocation
|
page read and write
|
||
|
220027D0000
|
heap
|
page read and write
|
||
|
22CE06A0000
|
trusted library allocation
|
page read and write
|
||
|
1ABCFEE0000
|
heap
|
page read and write
|
||
|
3269000
|
heap
|
page read and write
|
||
|
1CB5B34A000
|
heap
|
page read and write
|
||
|
2DA9000
|
trusted library allocation
|
page read and write
|
||
|
8DEF90E000
|
stack
|
page read and write
|
||
|
12DA7000
|
trusted library allocation
|
page read and write
|
||
|
3540000
|
unkown
|
page readonly
|
||
|
3EB3000
|
trusted library allocation
|
page read and write
|
||
|
264583F0000
|
heap
|
page read and write
|
||
|
22CE0BB1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
10C6000
|
heap
|
page read and write
|
||
|
279FFD60000
|
heap
|
page read and write
|
||
|
216B2EF8000
|
heap
|
page read and write
|
||
|
226638A0000
|
heap
|
page execute and read and write
|
||
|
209261F0000
|
trusted library allocation
|
page read and write
|
||
|
3E4B000
|
trusted library allocation
|
page read and write
|
||
|
AC92436000
|
stack
|
page read and write
|
||
|
1D70000
|
heap
|
page read and write
|
||
|
EED000
|
heap
|
page read and write
|
||
|
142FB000
|
trusted library allocation
|
page read and write
|
||
|
8DEE9FB000
|
stack
|
page read and write
|
||
|
13F5F000
|
trusted library allocation
|
page read and write
|
||
|
22CDECD5000
|
heap
|
page read and write
|
||
|
13FF3000
|
trusted library allocation
|
page read and write
|
||
|
1B4BF000
|
stack
|
page read and write
|
||
|
4A5A473000
|
stack
|
page read and write
|
||
|
20924260000
|
trusted library section
|
page read and write
|
||
|
C4E6FFE000
|
stack
|
page read and write
|
||
|
7FFD9B9A4000
|
trusted library allocation
|
page read and write
|
||
|
2432E6ED000
|
heap
|
page read and write
|
||
|
7FFD9B96D000
|
trusted library allocation
|
page read and write
|
||
|
1BA00000
|
heap
|
page read and write
|
||
|
3F47000
|
trusted library allocation
|
page read and write
|
||
|
6836D7E000
|
stack
|
page read and write
|
||
|
1AAD80C1000
|
trusted library allocation
|
page read and write
|
||
|
8DEFA89000
|
stack
|
page read and write
|
||
|
22CDEC30000
|
heap
|
page read and write
|
||
|
20A5A195000
|
heap
|
page read and write
|
||
|
216B3040000
|
trusted library allocation
|
page read and write
|
||
|
153607000
|
stack
|
page read and write
|
||
|
2E21000
|
trusted library allocation
|
page read and write
|
||
|
201C2840000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
1304EE40000
|
heap
|
page execute and read and write
|
||
|
14243000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
20925B50000
|
trusted library allocation
|
page read and write
|
||
|
14265000
|
trusted library allocation
|
page read and write
|
||
|
216B3020000
|
trusted library allocation
|
page read and write
|
||
|
6BE1FFE000
|
stack
|
page read and write
|
||
|
12C01000
|
trusted library allocation
|
page read and write
|
||
|
8DEEE3D000
|
stack
|
page read and write
|
||
|
3562000
|
unkown
|
page readonly
|
||
|
1304CEBD000
|
heap
|
page read and write
|
||
|
830EB7A000
|
stack
|
page read and write
|
||
|
AA5A27F000
|
stack
|
page read and write
|
||
|
B604B79000
|
stack
|
page read and write
|
||
|
13EF0000
|
trusted library allocation
|
page read and write
|
||
|
13C80000
|
trusted library allocation
|
page read and write
|
||
|
14305000
|
trusted library allocation
|
page read and write
|
||
|
6BE21FE000
|
stack
|
page read and write
|
||
|
830E97D000
|
stack
|
page read and write
|
||
|
22002619000
|
heap
|
page read and write
|
||
|
AC9338C000
|
stack
|
page read and write
|
||
|
3C0D000
|
trusted library allocation
|
page read and write
|
||
|
206E0880000
|
heap
|
page read and write
|
||
|
372E000
|
stack
|
page read and write
|
||
|
216B2F79000
|
heap
|
page read and write
|
||
|
142F5000
|
trusted library allocation
|
page read and write
|
||
|
216B4CA0000
|
heap
|
page read and write
|
||
|
2CA1000
|
trusted library allocation
|
page read and write
|
||
|
264585F0000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
6BE2177000
|
stack
|
page read and write
|
||
|
8DEF98E000
|
stack
|
page read and write
|
||
|
14386000
|
trusted library allocation
|
page read and write
|
||
|
5BF2D79000
|
stack
|
page read and write
|
||
|
263F977000
|
stack
|
page read and write
|
||
|
5BF313A000
|
stack
|
page read and write
|
||
|
AC91D43000
|
stack
|
page read and write
|
||
|
8DEEB3E000
|
stack
|
page read and write
|
||
|
24330577000
|
heap
|
page read and write
|
||
|
13CFF000
|
trusted library allocation
|
page read and write
|
||
|
13B37000
|
trusted library allocation
|
page read and write
|
||
|
1306000
|
unkown
|
page readonly
|
||
|
AA5A2FE000
|
stack
|
page read and write
|
||
|
19CAEF9000
|
stack
|
page read and write
|
||
|
2432E738000
|
heap
|
page read and write
|
||
|
3868000
|
trusted library allocation
|
page read and write
|
||
|
1D75000
|
heap
|
page read and write
|
||
|
143AC000
|
trusted library allocation
|
page read and write
|
||
|
22A39CF0000
|
trusted library section
|
page read and write
|
||
|
1CB5CD60000
|
trusted library allocation
|
page read and write
|
||
|
216B2F3B000
|
heap
|
page read and write
|
||
|
75FDABE000
|
stack
|
page read and write
|
||
|
748887F000
|
stack
|
page read and write
|
||
|
15358E000
|
stack
|
page read and write
|
||
|
8DEE87F000
|
stack
|
page read and write
|
||
|
13DB1000
|
trusted library allocation
|
page read and write
|
||
|
201C2970000
|
heap
|
page execute and read and write
|
||
|
13F5000
|
heap
|
page read and write
|
||
|
4172879000
|
stack
|
page read and write
|
||
|
1CB5D300000
|
trusted library allocation
|
page read and write
|
||
|
1AAD627D000
|
heap
|
page read and write
|
||
|
206E088A000
|
heap
|
page read and write
|
||
|
7489BCE000
|
stack
|
page read and write
|
||
|
3379000
|
trusted library allocation
|
page read and write
|
||
|
20A58A50000
|
trusted library allocation
|
page read and write
|
||
|
1902000
|
heap
|
page read and write
|
||
|
1985000
|
heap
|
page read and write
|
||
|
138A5000
|
trusted library allocation
|
page read and write
|
||
|
1890000
|
heap
|
page execute and read and write
|
||
|
E41000
|
heap
|
page read and write
|
||
|
279FFD40000
|
heap
|
page read and write
|
||
|
263F8F9000
|
stack
|
page read and write
|
||
|
22A3B695000
|
heap
|
page read and write
|
||
|
2B200085000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B82C000
|
trusted library allocation
|
page execute and read and write
|
||
|
830ED7E000
|
stack
|
page read and write
|
||
|
1AAD6228000
|
heap
|
page read and write
|
||
|
1D52000
|
unkown
|
page readonly
|
||
|
1304E7F0000
|
trusted library section
|
page read and write
|
||
|
20A58630000
|
heap
|
page read and write
|
||
|
1B8FE000
|
stack
|
page read and write
|
||
|
5BF3E07000
|
stack
|
page read and write
|
||
|
3076000
|
trusted library allocation
|
page read and write
|
||
|
1304E7D0000
|
heap
|
page read and write
|
||
|
14367000
|
trusted library allocation
|
page read and write
|
||
|
14C63355000
|
heap
|
page read and write
|
||
|
2EBA000
|
trusted library allocation
|
page read and write
|
||
|
AA5A579000
|
stack
|
page read and write
|
||
|
3F13000
|
trusted library allocation
|
page read and write
|
||
|
13F39000
|
trusted library allocation
|
page read and write
|
||
|
2F33000
|
trusted library allocation
|
page read and write
|
||
|
206E08C1000
|
heap
|
page read and write
|
||
|
1304E800000
|
trusted library allocation
|
page read and write
|
||
|
8DEECBE000
|
stack
|
page read and write
|
||
|
22002520000
|
heap
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
1AAD625F000
|
heap
|
page read and write
|
||
|
5BF3F0E000
|
stack
|
page read and write
|
||
|
20A5873D000
|
heap
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
201C33AA000
|
trusted library allocation
|
page read and write
|
||
|
3EB5000
|
trusted library allocation
|
page read and write
|
||
|
1ABD1E40000
|
heap
|
page read and write
|
||
|
22A3BAA7000
|
heap
|
page execute and read and write
|
||
|
20A586D0000
|
trusted library allocation
|
page read and write
|
||
|
22002720000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
1B691000
|
heap
|
page read and write
|
||
|
20A5A620000
|
heap
|
page read and write
|
||
|
2E37000
|
trusted library allocation
|
page read and write
|
||
|
75FE50E000
|
stack
|
page read and write
|
||
|
28CFEFF000
|
stack
|
page read and write
|
||
|
1ABD20E4000
|
trusted library allocation
|
page read and write
|
||
|
19CADF9000
|
stack
|
page read and write
|
||
|
28D05BE000
|
stack
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
6836BF9000
|
stack
|
page read and write
|
||
|
14C64CF0000
|
heap
|
page read and write
|
||
|
22663B65000
|
trusted library allocation
|
page read and write
|
||
|
2645AECD000
|
direct allocation
|
page read and write
|
||
|
12F50000
|
trusted library allocation
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
1B32D000
|
stack
|
page read and write
|
||
|
24330115000
|
heap
|
page read and write
|
||
|
2FD3000
|
trusted library allocation
|
page read and write
|
||
|
2E85000
|
trusted library allocation
|
page read and write
|
||
|
1CD0000
|
unkown
|
page readonly
|
||
|
1AAD7AE0000
|
heap
|
page read and write
|
||
|
131C9000
|
trusted library allocation
|
page read and write
|
||
|
216B2F75000
|
heap
|
page read and write
|
||
|
1AAD7AD5000
|
heap
|
page read and write
|
||
|
E46000
|
heap
|
page read and write
|
||
|
201C0BF9000
|
heap
|
page read and write
|
||
|
B604FFE000
|
stack
|
page read and write
|
||
|
13E33000
|
trusted library allocation
|
page read and write
|
||
|
139D6000
|
trusted library allocation
|
page read and write
|
||
|
26458566000
|
heap
|
page read and write
|
||
|
206E08C1000
|
heap
|
page read and write
|
||
|
13DCB000
|
trusted library allocation
|
page read and write
|
||
|
3EE7000
|
trusted library allocation
|
page read and write
|
||
|
1CB5B31C000
|
heap
|
page read and write
|
||
|
B6050FF000
|
stack
|
page read and write
|
||
|
2645AE80000
|
direct allocation
|
page read and write
|
||
|
C4E71F6000
|
stack
|
page read and write
|
||
|
22A39DC4000
|
heap
|
page read and write
|
||
|
830E383000
|
stack
|
page read and write
|
||
|
201C0B30000
|
heap
|
page read and write
|
||
|
30D3000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
AA5A93E000
|
stack
|
page read and write
|
||
|
6836C7E000
|
stack
|
page read and write
|
||
|
201C0B90000
|
trusted library allocation
|
page read and write
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
7FFD9B924000
|
trusted library allocation
|
page read and write
|
||
|
417267F000
|
stack
|
page read and write
|
||
|
1ABD0190000
|
heap
|
page readonly
|
||
|
E06853C000
|
stack
|
page read and write
|
||
|
13D88000
|
trusted library allocation
|
page read and write
|
||
|
13F47000
|
trusted library allocation
|
page read and write
|
||
|
1BA4F000
|
stack
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
304F000
|
trusted library allocation
|
page read and write
|
||
|
216B3100000
|
heap
|
page read and write
|
||
|
1304E9B0000
|
heap
|
page read and write
|
||
|
26407CC000
|
stack
|
page read and write
|
||
|
152A3D000
|
stack
|
page read and write
|
||
|
1AAD7E50000
|
trusted library allocation
|
page read and write
|
||
|
2432E6FB000
|
heap
|
page read and write
|
||
|
3BB7000
|
trusted library allocation
|
page read and write
|
||
|
13C53000
|
trusted library allocation
|
page read and write
|
||
|
13A12000
|
trusted library allocation
|
page read and write
|
||
|
F82000
|
unkown
|
page readonly
|
||
|
1CB5D310000
|
heap
|
page execute and read and write
|
||
|
AC920FE000
|
stack
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
193D000
|
heap
|
page read and write
|
||
|
14276000
|
trusted library allocation
|
page read and write
|
||
|
22A3B5F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B974000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page execute and read and write
|
||
|
6837E4E000
|
stack
|
page read and write
|
||
|
6837BCE000
|
stack
|
page read and write
|
||
|
2ED3000
|
trusted library allocation
|
page read and write
|
||
|
168D000
|
heap
|
page read and write
|
||
|
22E80001000
|
trusted library allocation
|
page read and write
|
||
|
22A39DFD000
|
heap
|
page read and write
|
||
|
4A5AB7C000
|
stack
|
page read and write
|
||
|
B605B4E000
|
stack
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
22663AD0000
|
heap
|
page execute and read and write
|
||
|
3ED1000
|
trusted library allocation
|
page read and write
|
||
|
1521FF000
|
stack
|
page read and write
|
||
|
1520F3000
|
stack
|
page read and write
|
||
|
1385000
|
heap
|
page read and write
|
||
|
DE62B0C000
|
stack
|
page read and write
|
||
|
1913000
|
heap
|
page read and write
|
||
|
201C0AF0000
|
heap
|
page read and write
|
||
|
13EEE000
|
trusted library allocation
|
page read and write
|
||
|
13F61000
|
trusted library allocation
|
page read and write
|
||
|
22002560000
|
heap
|
page read and write
|
||
|
6BE328C000
|
stack
|
page read and write
|
||
|
EFF000
|
heap
|
page read and write
|
||
|
74885DE000
|
stack
|
page read and write
|
||
|
1AC0000
|
heap
|
page read and write
|
||
|
14C65251000
|
trusted library allocation
|
page read and write
|
||
|
14C651F0000
|
trusted library allocation
|
page read and write
|
||
|
28D110D000
|
stack
|
page read and write
|
||
|
E13000
|
heap
|
page read and write
|
||
|
226637F0000
|
trusted library allocation
|
page read and write
|
||
|
2432E6B0000
|
heap
|
page read and write
|
||
|
13B10000
|
trusted library allocation
|
page read and write
|
||
|
279FFE19000
|
heap
|
page read and write
|
||
|
384F000
|
trusted library allocation
|
page read and write
|
||
|
3F19000
|
trusted library allocation
|
page read and write
|
||
|
14C65475000
|
trusted library allocation
|
page read and write
|
||
|
141A0000
|
trusted library allocation
|
page read and write
|
||
|
28D043E000
|
stack
|
page read and write
|
||
|
EE2000
|
stack
|
page read and write
|
||
|
AC9328E000
|
stack
|
page read and write
|
||
|
8DEFB8E000
|
stack
|
page read and write
|
||
|
12E2000
|
stack
|
page read and write
|
||
|
201C0C0D000
|
heap
|
page read and write
|
||
|
1CB5D2E0000
|
heap
|
page execute and read and write
|
||
|
13DE9000
|
trusted library allocation
|
page read and write
|
||
|
C4E753E000
|
stack
|
page read and write
|
||
|
22CDECD9000
|
heap
|
page read and write
|
||
|
20A5A631000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B81C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B550000
|
heap
|
page read and write
|
||
|
75FD4F9000
|
stack
|
page read and write
|
||
|
4172CBC000
|
stack
|
page read and write
|
||
|
22CE0660000
|
trusted library allocation
|
page read and write
|
||
|
2645853B000
|
heap
|
page read and write
|
||
|
22002655000
|
heap
|
page read and write
|
||
|
13EF7000
|
trusted library allocation
|
page read and write
|
||
|
22CE06F0000
|
heap
|
page read and write
|
||
|
22661B06000
|
heap
|
page read and write
|
||
|
6837D4C000
|
stack
|
page read and write
|
||
|
22CDEC90000
|
heap
|
page read and write
|
||
|
1990000
|
trusted library allocation
|
page read and write
|
||
|
201C2467000
|
heap
|
page execute and read and write
|
||
|
264084C000
|
stack
|
page read and write
|
||
|
26458508000
|
heap
|
page read and write
|
||
|
1447F000
|
trusted library allocation
|
page read and write
|
||
|
243300D0000
|
trusted library allocation
|
page read and write
|
||
|
20925FA7000
|
heap
|
page read and write
|
||
|
1304F077000
|
trusted library allocation
|
page read and write
|
||
|
4172D3E000
|
stack
|
page read and write
|
||
|
14C652D5000
|
trusted library allocation
|
page read and write
|
||
|
1B540000
|
heap
|
page read and write
|
||
|
14C64CF5000
|
heap
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
13B4F000
|
trusted library allocation
|
page read and write
|
||
|
1D02000
|
unkown
|
page readonly
|
||
|
19CB139000
|
stack
|
page read and write
|
||
|
417378E000
|
stack
|
page read and write
|
||
|
4A5A8F6000
|
stack
|
page read and write
|
||
|
13DF3000
|
trusted library allocation
|
page read and write
|
||
|
1CB5B306000
|
heap
|
page read and write
|
||
|
226619C0000
|
heap
|
page read and write
|
||
|
144D7085000
|
heap
|
page read and write
|
||
|
144D7080000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page execute and read and write
|
||
|
E51000
|
heap
|
page read and write
|
||
|
15247F000
|
stack
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B78C000
|
trusted library allocation
|
page read and write
|
||
|
138D6000
|
trusted library allocation
|
page read and write
|
||
|
1ABD2185000
|
trusted library allocation
|
page read and write
|
||
|
6BE330E000
|
stack
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
216B4ED6000
|
trusted library allocation
|
page read and write
|
||
|
AA5B38E000
|
stack
|
page read and write
|
||
|
144D6DE0000
|
heap
|
page read and write
|
||
|
216B4C20000
|
trusted library allocation
|
page read and write
|
||
|
3EF1000
|
trusted library allocation
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
13DEB000
|
trusted library allocation
|
page read and write
|
||
|
830F94C000
|
stack
|
page read and write
|
||
|
14466000
|
trusted library allocation
|
page read and write
|
||
|
2B19000
|
heap
|
page read and write
|
||
|
4A5A6FE000
|
stack
|
page read and write
|
||
|
22CDECDB000
|
heap
|
page read and write
|
||
|
7489ACD000
|
stack
|
page read and write
|
||
|
263FAFE000
|
stack
|
page read and write
|
||
|
12FD4000
|
trusted library allocation
|
page read and write
|
||
|
22A3B5A0000
|
trusted library section
|
page read and write
|
||
|
20A5AAF7000
|
trusted library allocation
|
page read and write
|
||
|
3550000
|
unkown
|
page readonly
|
||
|
22401B00000
|
heap
|
page read and write
|
||
|
28D120E000
|
stack
|
page read and write
|
||
|
FB7000
|
unkown
|
page readonly
|
||
|
20A5A925000
|
trusted library allocation
|
page read and write
|
||
|
2B200D6E000
|
trusted library allocation
|
page read and write
|
||
|
8DEE5DF000
|
stack
|
page read and write
|
||
|
830F9CD000
|
stack
|
page read and write
|
||
|
4172353000
|
stack
|
page read and write
|
||
|
264584FA000
|
heap
|
page read and write
|
||
|
14C64C80000
|
heap
|
page readonly
|
||
|
75FDB3B000
|
stack
|
page read and write
|
||
|
26458546000
|
heap
|
page read and write
|
||
|
748994E000
|
stack
|
page read and write
|
||
|
1940000
|
heap
|
page read and write
|
||
|
2F58000
|
trusted library allocation
|
page read and write
|
||
|
26458558000
|
heap
|
page read and write
|
||
|
243300B0000
|
trusted library allocation
|
page read and write
|
||
|
B60517B000
|
stack
|
page read and write
|
||
|
22401C80000
|
heap
|
page read and write
|
||
|
13964000
|
trusted library allocation
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
5BF31BE000
|
stack
|
page read and write
|
||
|
22A39C95000
|
heap
|
page read and write
|
||
|
201C29A1000
|
trusted library allocation
|
page read and write
|
||
|
220025D0000
|
heap
|
page read and write
|
||
|
26458520000
|
heap
|
page read and write
|
||
|
AA5A83E000
|
stack
|
page read and write
|
||
|
FF5000
|
heap
|
page read and write
|
||
|
AC922FD000
|
stack
|
page read and write
|
||
|
7FFD9B92A000
|
trusted library allocation
|
page read and write
|
||
|
1ABD0088000
|
heap
|
page read and write
|
||
|
2432E8D5000
|
heap
|
page read and write
|
||
|
2A5E000
|
stack
|
page read and write
|
||
|
1AB0000
|
unkown
|
page readonly
|
||
|
7FFD9B984000
|
trusted library allocation
|
page read and write
|
||
|
1418C000
|
trusted library allocation
|
page read and write
|
||
|
13C51000
|
trusted library allocation
|
page read and write
|
||
|
22A39D85000
|
heap
|
page read and write
|
||
|
18BC000
|
heap
|
page read and write
|
||
|
7488A77000
|
stack
|
page read and write
|
||
|
139C7000
|
trusted library allocation
|
page read and write
|
||
|
1D48000
|
unkown
|
page readonly
|
||
|
13C5F000
|
trusted library allocation
|
page read and write
|
||
|
75FD8BB000
|
stack
|
page read and write
|
||
|
263FBFC000
|
stack
|
page read and write
|
||
|
134DC000
|
trusted library allocation
|
page read and write
|
||
|
139CB000
|
trusted library allocation
|
page read and write
|
||
|
C4E727C000
|
stack
|
page read and write
|
||
|
4A5A9FE000
|
stack
|
page read and write
|
||
|
13A51000
|
trusted library allocation
|
page read and write
|
||
|
209261B0000
|
heap
|
page execute and read and write
|
||
|
1351D000
|
trusted library allocation
|
page read and write
|
||
|
19CB43B000
|
stack
|
page read and write
|
||
|
7FFD9B77C000
|
trusted library allocation
|
page read and write
|
||
|
1304EE51000
|
trusted library allocation
|
page read and write
|
||
|
1860000
|
heap
|
page read and write
|
||
|
1304CEA1000
|
heap
|
page read and write
|
||
|
13BA7000
|
trusted library allocation
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
E8D000
|
heap
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E6F000
|
trusted library allocation
|
page read and write
|
||
|
206E08B0000
|
heap
|
page read and write
|
||
|
EE2000
|
stack
|
page read and write
|
||
|
22A3B690000
|
heap
|
page read and write
|
||
|
2645856E000
|
heap
|
page read and write
|
||
|
7FFD9B933000
|
trusted library allocation
|
page read and write
|
||
|
28D02B6000
|
stack
|
page read and write
|
||
|
2D3A000
|
trusted library allocation
|
page read and write
|
||
|
2645AEC0000
|
direct allocation
|
page read and write
|
||
|
7FFD9B788000
|
trusted library allocation
|
page read and write
|
||
|
22401BE0000
|
heap
|
page read and write
|
||
|
13952000
|
trusted library allocation
|
page read and write
|
||
|
13DF1000
|
trusted library allocation
|
page read and write
|
||
|
13D8000
|
heap
|
page read and write
|
||
|
140A4000
|
trusted library allocation
|
page read and write
|
||
|
264586C0000
|
direct allocation
|
page read and write
|
||
|
AA59FEF000
|
unkown
|
page read and write
|
||
|
13A34000
|
trusted library allocation
|
page read and write
|
||
|
1304CE15000
|
heap
|
page read and write
|
||
|
216B2FE3000
|
heap
|
page read and write
|
||
|
264584F4000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
22CE0BA0000
|
heap
|
page read and write
|
||
|
4172B3A000
|
stack
|
page read and write
|
||
|
16FE000
|
heap
|
page read and write
|
||
|
4172A36000
|
stack
|
page read and write
|
||
|
2F82000
|
trusted library allocation
|
page read and write
|
||
|
14C63430000
|
heap
|
page read and write
|
||
|
DE61C37000
|
stack
|
page read and write
|
||
|
22A3BAA0000
|
heap
|
page execute and read and write
|
||
|
AA5A7BE000
|
stack
|
page read and write
|
||
|
140D3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A5BBFC000
|
stack
|
page read and write
|
||
|
201C0B70000
|
trusted library allocation
|
page read and write
|
||
|
22CDECD3000
|
heap
|
page read and write
|
||
|
19CB33C000
|
stack
|
page read and write
|
||
|
263F283000
|
stack
|
page read and write
|
||
|
13A2D000
|
trusted library allocation
|
page read and write
|
||
|
97A59FE000
|
stack
|
page read and write
|
||
|
22A3BA80000
|
heap
|
page execute and read and write
|
||
|
20925BA0000
|
trusted library allocation
|
page read and write
|
||
|
E43000
|
heap
|
page read and write
|
||
|
34A8000
|
trusted library allocation
|
page read and write
|
||
|
830E9F8000
|
stack
|
page read and write
|
||
|
209260E0000
|
heap
|
page read and write
|
||
|
19CB3BF000
|
stack
|
page read and write
|
||
|
1AAD61B0000
|
heap
|
page read and write
|
||
|
3580000
|
unkown
|
page readonly
|
||
|
1B740000
|
heap
|
page execute and read and write
|
||
|
FE2000
|
stack
|
page read and write
|
||
|
B60507D000
|
stack
|
page read and write
|
||
|
830E6FF000
|
stack
|
page read and write
|
||
|
2645AF40000
|
direct allocation
|
page read and write
|
||
|
68371FC000
|
stack
|
page read and write
|
||
|
209242B8000
|
heap
|
page read and write
|
||
|
1ABD003D000
|
heap
|
page read and write
|
||
|
AC925BE000
|
stack
|
page read and write
|
||
|
C4E7FCE000
|
stack
|
page read and write
|
||
|
1304EED6000
|
trusted library allocation
|
page read and write
|
||
|
140C000
|
heap
|
page read and write
|
||
|
DE61CBA000
|
stack
|
page read and write
|
||
|
3552000
|
unkown
|
page readonly
|
||
|
4A5AC7B000
|
stack
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
1304E830000
|
heap
|
page readonly
|
||
|
2432E6EF000
|
heap
|
page read and write
|
||
|
152ABE000
|
stack
|
page read and write
|
||
|
1AAE000
|
stack
|
page read and write
|
||
|
3AA9000
|
trusted library allocation
|
page read and write
|
||
|
216B4BF0000
|
trusted library allocation
|
page read and write
|
||
|
6836CFB000
|
stack
|
page read and write
|
||
|
28D053C000
|
stack
|
page read and write
|
||
|
6836AFF000
|
stack
|
page read and write
|
||
|
22A39D00000
|
heap
|
page read and write
|
||
|
3BF9000
|
trusted library allocation
|
page read and write
|
||
|
3EC7000
|
trusted library allocation
|
page read and write
|
||
|
DE62A89000
|
stack
|
page read and write
|
||
|
DE6197A000
|
stack
|
page read and write
|
||
|
1CB5B300000
|
heap
|
page read and write
|
||
|
26458520000
|
heap
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
201C0BA5000
|
heap
|
page read and write
|
||
|
11D5000
|
heap
|
page read and write
|
||
|
1AAD6190000
|
heap
|
page read and write
|
||
|
1B07D000
|
stack
|
page read and write
|
||
|
3082000
|
trusted library allocation
|
page read and write
|
||
|
13A8A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page execute and read and write
|
||
|
830ECFC000
|
stack
|
page read and write
|
||
|
2645AECB000
|
direct allocation
|
page read and write
|
||
|
1411D000
|
trusted library allocation
|
page read and write
|
||
|
2645850C000
|
heap
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
20A586E0000
|
heap
|
page read and write
|
||
|
1700000
|
heap
|
page read and write
|
||
|
3EDF000
|
trusted library allocation
|
page read and write
|
||
|
13F9B000
|
trusted library allocation
|
page read and write
|
||
|
26458560000
|
heap
|
page read and write
|
||
|
DE61DBE000
|
stack
|
page read and write
|
||
|
722C10B000
|
stack
|
page read and write
|
||
|
1CB5B490000
|
heap
|
page read and write
|
||
|
201C0BB0000
|
heap
|
page read and write
|
||
|
1304CDE0000
|
heap
|
page read and write
|
||
|
3EBF000
|
trusted library allocation
|
page read and write
|
||
|
209242EC000
|
heap
|
page read and write
|
||
|
201C24C0000
|
heap
|
page read and write
|
||
|
1802000
|
heap
|
page read and write
|
||
|
4A5A57F000
|
stack
|
page read and write
|
||
|
1B94F000
|
stack
|
page read and write
|
||
|
13E89000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
28D100E000
|
stack
|
page read and write
|
||
|
144D6DE7000
|
heap
|
page read and write
|
||
|
75FD5FB000
|
stack
|
page read and write
|
||
|
19CA9F3000
|
stack
|
page read and write
|
||
|
1ABD004B000
|
heap
|
page read and write
|
||
|
19CB03E000
|
stack
|
page read and write
|
||
|
201C0BEF000
|
heap
|
page read and write
|
||
|
22002500000
|
heap
|
page read and write
|
||
|
201C0BF7000
|
heap
|
page read and write
|
||
|
264586E0000
|
heap
|
page read and write
|
||
|
7FFD9B826000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
22663780000
|
trusted library allocation
|
page read and write
|
||
|
220025D8000
|
heap
|
page read and write
|
||
|
3582000
|
unkown
|
page readonly
|
||
|
15368C000
|
stack
|
page read and write
|
||
|
2645850E000
|
heap
|
page read and write
|
||
|
13EB5000
|
trusted library allocation
|
page read and write
|
||
|
13DF5000
|
trusted library allocation
|
page read and write
|
||
|
1529BE000
|
stack
|
page read and write
|
||
|
1AAD7EE0000
|
trusted library allocation
|
page read and write
|
||
|
F02000
|
heap
|
page read and write
|
||
|
1036000
|
heap
|
page read and write
|
||
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
||
|
AA5A9BB000
|
stack
|
page read and write
|
||
|
3D5A000
|
trusted library allocation
|
page read and write
|
||
|
209242F2000
|
heap
|
page read and write
|
||
|
C4E747D000
|
stack
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
1B96F000
|
stack
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
7FFD9B79B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3620000
|
heap
|
page read and write
|
||
|
6BE26BC000
|
stack
|
page read and write
|
||
|
32A9000
|
trusted library allocation
|
page read and write
|
||
|
140B7000
|
trusted library allocation
|
page read and write
|
||
|
97A57F5000
|
stack
|
page read and write
|
||
|
2EC2000
|
trusted library allocation
|
page read and write
|
||
|
13BA0000
|
trusted library allocation
|
page read and write
|
||
|
417398E000
|
stack
|
page read and write
|
||
|
143FC000
|
trusted library allocation
|
page read and write
|
||
|
13D8C000
|
trusted library allocation
|
page read and write
|
||
|
AA5A6BA000
|
stack
|
page read and write
|
||
|
26458720000
|
heap
|
page read and write
|
||
|
1ABD20D1000
|
trusted library allocation
|
page read and write
|
||
|
28CFF7E000
|
stack
|
page read and write
|
||
|
1ABD0000000
|
heap
|
page read and write
|
||
|
20A5A100000
|
trusted library allocation
|
page read and write
|
||
|
683717E000
|
stack
|
page read and write
|
||
|
336E000
|
stack
|
page read and write
|
||
|
20A58A60000
|
heap
|
page readonly
|
||
|
22A39D47000
|
heap
|
page read and write
|
||
|
3F3D000
|
trusted library allocation
|
page read and write
|
||
|
1B670000
|
heap
|
page read and write
|
||
|
220044F4000
|
trusted library allocation
|
page read and write
|
||
|
41728FD000
|
stack
|
page read and write
|
||
|
13E1C000
|
trusted library allocation
|
page read and write
|
||
|
5BF32BC000
|
stack
|
page read and write
|
||
|
1ABD0180000
|
trusted library allocation
|
page read and write
|
||
|
264584D0000
|
heap
|
page read and write
|
||
|
14C65040000
|
trusted library allocation
|
page read and write
|
||
|
2645850E000
|
heap
|
page read and write
|
||
|
75FE68D000
|
stack
|
page read and write
|
||
|
1373B000
|
trusted library allocation
|
page read and write
|
||
|
28D01F9000
|
stack
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B95C000
|
trusted library allocation
|
page read and write
|
||
|
201C24C5000
|
heap
|
page read and write
|
||
|
2DAF000
|
trusted library allocation
|
page read and write
|
||
|
19D0000
|
heap
|
page execute and read and write
|
||
|
2432E660000
|
heap
|
page read and write
|
||
|
20A58A70000
|
heap
|
page read and write
|
||
|
20A58650000
|
heap
|
page read and write
|
||
|
20A587D8000
|
heap
|
page read and write
|
||
|
135E2000
|
trusted library allocation
|
page read and write
|
||
|
1ABD20D5000
|
trusted library allocation
|
page read and write
|
||
|
216B2E80000
|
heap
|
page read and write
|
||
|
1ABD20C8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BE308E000
|
stack
|
page read and write
|
||
|
DE6298E000
|
stack
|
page read and write
|
||
|
2645853D000
|
heap
|
page read and write
|
||
|
6836B7E000
|
stack
|
page read and write
|
||
|
26458510000
|
heap
|
page read and write
|
||
|
12CB1000
|
trusted library allocation
|
page read and write
|
||
|
22401C45000
|
heap
|
page read and write
|
||
|
1AAD62A4000
|
heap
|
page read and write
|
||
|
22A39C90000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
15273E000
|
stack
|
page read and write
|
||
|
26458519000
|
heap
|
page read and write
|
||
|
AC924B8000
|
stack
|
page read and write
|
||
|
2432E6F5000
|
heap
|
page read and write
|
||
|
216B2F4D000
|
heap
|
page read and write
|
||
|
722C5FF000
|
stack
|
page read and write
|
||
|
5BF29FE000
|
unkown
|
page read and write
|
||
|
22661A6C000
|
heap
|
page read and write
|
||
|
22663AB0000
|
trusted library allocation
|
page read and write
|
||
|
22401C00000
|
heap
|
page read and write
|
||
|
B604C77000
|
stack
|
page read and write
|
||
|
FB5000
|
unkown
|
page readonly
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
5BF2973000
|
stack
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
||
|
AC9340C000
|
stack
|
page read and write
|
||
|
13BF000
|
stack
|
page read and write
|
||
|
216B4CB1000
|
trusted library allocation
|
page read and write
|
||
|
13DA7000
|
trusted library allocation
|
page read and write
|
||
|
1AAD62A8000
|
heap
|
page read and write
|
||
|
1437C000
|
trusted library allocation
|
page read and write
|
||
|
2432E690000
|
heap
|
page read and write
|
||
|
6BE20FF000
|
stack
|
page read and write
|
||
|
263F77E000
|
stack
|
page read and write
|
||
|
20924290000
|
trusted library allocation
|
page read and write
|
||
|
2EDA000
|
trusted library allocation
|
page read and write
|
||
|
6BE263E000
|
stack
|
page read and write
|
||
|
139C9000
|
trusted library allocation
|
page read and write
|
||
|
3542000
|
unkown
|
page readonly
|
||
|
1AB2000
|
unkown
|
page readonly
|
||
|
216B2EC0000
|
heap
|
page read and write
|
||
|
140F000
|
heap
|
page read and write
|
||
|
18DD000
|
heap
|
page read and write
|
||
|
13174000
|
trusted library allocation
|
page read and write
|
||
|
C4E75BC000
|
stack
|
page read and write
|
||
|
4173887000
|
stack
|
page read and write
|
||
|
E75000
|
heap
|
page read and write
|
||
|
1CB5B4C0000
|
heap
|
page read and write
|
||
|
E58000
|
heap
|
page read and write
|
||
|
13AF6000
|
trusted library allocation
|
page read and write
|
||
|
8DEEBB6000
|
stack
|
page read and write
|
||
|
2C9F000
|
stack
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
2432E6B8000
|
heap
|
page read and write
|
||
|
2E11000
|
trusted library allocation
|
page read and write
|
||
|
206E08C0000
|
heap
|
page read and write
|
||
|
6BE320C000
|
stack
|
page read and write
|
||
|
263F7F7000
|
stack
|
page read and write
|
||
|
14C63427000
|
heap
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page read and write
|
||
|
13F3F000
|
trusted library allocation
|
page read and write
|
||
|
1285000
|
heap
|
page read and write
|
||
|
13CA9000
|
trusted library allocation
|
page read and write
|
||
|
3EFB000
|
trusted library allocation
|
page read and write
|
||
|
1AAD7AC0000
|
trusted library allocation
|
page read and write
|
||
|
13ED9000
|
trusted library allocation
|
page read and write
|
||
|
22663740000
|
trusted library allocation
|
page read and write
|
||
|
22A39CA0000
|
heap
|
page read and write
|
||
|
1AAD7AD0000
|
heap
|
page read and write
|
||
|
13D29000
|
trusted library allocation
|
page read and write
|
||
|
AA5A637000
|
stack
|
page read and write
|
||
|
22CDECCF000
|
heap
|
page read and write
|
||
|
134B4000
|
trusted library allocation
|
page read and write
|
||
|
B604713000
|
stack
|
page read and write
|
||
|
13D9C000
|
trusted library allocation
|
page read and write
|
||
|
13746000
|
trusted library allocation
|
page read and write
|
||
|
22002790000
|
heap
|
page read and write
|
||
|
7488EFE000
|
stack
|
page read and write
|
||
|
13D8A000
|
trusted library allocation
|
page read and write
|
||
|
1ACD0000
|
trusted library allocation
|
page read and write
|
||
|
2B200A0B000
|
trusted library allocation
|
page read and write
|
||
|
1304E840000
|
trusted library allocation
|
page read and write
|
||
|
24330460000
|
trusted library allocation
|
page read and write
|
||
|
12DB0000
|
trusted library allocation
|
page read and write
|
||
|
22CDECEB000
|
heap
|
page read and write
|
||
|
14334000
|
trusted library allocation
|
page read and write
|
||
|
DE61AFD000
|
stack
|
page read and write
|
||
|
20A5A4EC000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
13F16000
|
trusted library allocation
|
page read and write
|
||
|
2B17000
|
heap
|
page read and write
|
||
|
C4E80C9000
|
stack
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
28CFE7F000
|
unkown
|
page read and write
|
||
|
201C2450000
|
heap
|
page readonly
|
||
|
AC926BD000
|
stack
|
page read and write
|
||
|
5BF3036000
|
stack
|
page read and write
|
||
|
263FCFB000
|
stack
|
page read and write
|
||
|
264584FD000
|
heap
|
page read and write
|
||
|
41727FF000
|
stack
|
page read and write
|
||
|
1CB5CDD0000
|
heap
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
||
|
AC927BC000
|
stack
|
page read and write
|
||
|
2645AEA0000
|
direct allocation
|
page read and write
|
||
|
3ED5000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
830E77E000
|
stack
|
page read and write
|
||
|
1ABD00F6000
|
heap
|
page read and write
|
||
|
3F31000
|
trusted library allocation
|
page read and write
|
||
|
7488B78000
|
stack
|
page read and write
|
||
|
220026C3000
|
heap
|
page read and write
|
||
|
EB6000
|
heap
|
page read and write
|
||
|
DE619FF000
|
stack
|
page read and write
|
||
|
13722000
|
trusted library allocation
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
6BE25BC000
|
stack
|
page read and write
|
||
|
226637B0000
|
trusted library allocation
|
page read and write
|
||
|
206E0A10000
|
heap
|
page read and write
|
||
|
13EAE000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
1CE2000
|
unkown
|
page readonly
|
||
|
1CD2000
|
unkown
|
page readonly
|
||
|
140A000
|
heap
|
page read and write
|
||
|
14C633B6000
|
heap
|
page read and write
|
||
|
B604A7F000
|
stack
|
page read and write
|
||
|
1304CF41000
|
heap
|
page read and write
|
||
|
3E86000
|
trusted library allocation
|
page read and write
|
||
|
3610000
|
heap
|
page execute and read and write
|
||
|
279FFDD0000
|
heap
|
page read and write
|
||
|
26458568000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
14C65130000
|
heap
|
page read and write
|
||
|
226619F0000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page execute and read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
1AAD625D000
|
heap
|
page read and write
|
||
|
3E63000
|
trusted library allocation
|
page read and write
|
||
|
100F000
|
heap
|
page read and write
|
||
|
13791000
|
trusted library allocation
|
page read and write
|
||
|
2B200D31000
|
trusted library allocation
|
page read and write
|
||
|
22E80A0A000
|
trusted library allocation
|
page read and write
|
||
|
2EB7000
|
trusted library allocation
|
page read and write
|
||
|
20A586E8000
|
heap
|
page read and write
|
||
|
4A5A7FD000
|
stack
|
page read and write
|
||
|
216B2F31000
|
heap
|
page read and write
|
||
|
AA5B44E000
|
stack
|
page read and write
|
||
|
5BF2FBE000
|
stack
|
page read and write
|
||
|
22A3B5D0000
|
trusted library allocation
|
page read and write
|
||
|
22661A4C000
|
heap
|
page read and write
|
||
|
26408CE000
|
stack
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
13E14000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
22CE0A47000
|
heap
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page read and write
|
||
|
4172DBC000
|
stack
|
page read and write
|
||
|
1CB5CC90000
|
heap
|
page read and write
|
||
|
5BF2DFE000
|
stack
|
page read and write
|
||
|
22A3B5E0000
|
heap
|
page readonly
|
||
|
3BCE000
|
trusted library allocation
|
page read and write
|
||
|
75FDA3C000
|
stack
|
page read and write
|
||
|
216B2EF0000
|
heap
|
page read and write
|
||
|
168B000
|
heap
|
page read and write
|
||
|
7489A49000
|
stack
|
page read and write
|
||
|
138E8000
|
trusted library allocation
|
page read and write
|
||
|
75FD57E000
|
stack
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
C4E6BEE000
|
stack
|
page read and write
|
||
|
4A5AAFA000
|
stack
|
page read and write
|
||
|
14C63220000
|
heap
|
page read and write
|
||
|
830F84E000
|
stack
|
page read and write
|
||
|
13AFD000
|
trusted library allocation
|
page read and write
|
||
|
138CD000
|
trusted library allocation
|
page read and write
|
||
|
22004440000
|
heap
|
page execute and read and write
|
||
|
1CB5CCD0000
|
trusted library allocation
|
page read and write
|
||
|
14500000
|
trusted library allocation
|
page read and write
|
||
|
417380E000
|
stack
|
page read and write
|
||
|
14C6336D000
|
heap
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
C4E8047000
|
stack
|
page read and write
|
||
|
AA5B40E000
|
stack
|
page read and write
|
||
|
2A5BE7F000
|
stack
|
page read and write
|
||
|
AA5A4FE000
|
stack
|
page read and write
|
||
|
24330490000
|
trusted library allocation
|
page read and write
|
||
|
1B860000
|
heap
|
page execute and read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
3260000
|
heap
|
page read and write
|
||
|
2DA1000
|
trusted library allocation
|
page read and write
|
||
|
8DEEEBE000
|
stack
|
page read and write
|
||
|
19CB0B7000
|
stack
|
page read and write
|
||
|
13507000
|
trusted library allocation
|
page read and write
|
||
|
830EC7F000
|
stack
|
page read and write
|
||
|
26458527000
|
heap
|
page read and write
|
||
|
13FAC000
|
trusted library allocation
|
page read and write
|
||
|
13EB7000
|
trusted library allocation
|
page read and write
|
||
|
1435F000
|
trusted library allocation
|
page read and write
|
||
|
3E7B000
|
trusted library allocation
|
page read and write
|
||
|
1ABD2040000
|
heap
|
page execute and read and write
|
||
|
22A3BD41000
|
trusted library allocation
|
page read and write
|
||
|
DE6187F000
|
stack
|
page read and write
|
||
|
13FDA000
|
trusted library allocation
|
page read and write
|
||
|
1ABCFFC0000
|
heap
|
page read and write
|
||
|
1CB5D546000
|
trusted library allocation
|
page read and write
|
||
|
264585D0000
|
heap
|
page read and write
|
||
|
263F67E000
|
stack
|
page read and write
|
||
|
20A58727000
|
heap
|
page read and write
|
||
|
22661A10000
|
heap
|
page read and write
|
||
|
6BE2337000
|
stack
|
page read and write
|
||
|
2200262D000
|
heap
|
page read and write
|
||
|
201C0BF3000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
1525F9000
|
stack
|
page read and write
|
||
|
22A3B620000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
209264D5000
|
trusted library allocation
|
page read and write
|
||
|
20A58A75000
|
heap
|
page read and write
|
||
|
264584FD000
|
heap
|
page read and write
|
||
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
||
|
22401CAF000
|
heap
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
13A30000
|
trusted library allocation
|
page read and write
|
||
|
C4E737F000
|
stack
|
page read and write
|
||
|
F80000
|
unkown
|
page readonly
|
||
|
5BF2E7B000
|
stack
|
page read and write
|
||
|
26458551000
|
heap
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
19E0000
|
heap
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
226638A7000
|
heap
|
page execute and read and write
|
||
|
2645855A000
|
heap
|
page read and write
|
||
|
3602000
|
unkown
|
page readonly
|
||
|
22A3BCC1000
|
trusted library allocation
|
page read and write
|
||
|
1454D000
|
trusted library allocation
|
page read and write
|
||
|
1304CEE5000
|
heap
|
page read and write
|
||
|
201C2A24000
|
trusted library allocation
|
page read and write
|
||
|
4172979000
|
stack
|
page read and write
|
||
|
20A5A6B6000
|
trusted library allocation
|
page read and write
|
||
|
26458525000
|
heap
|
page read and write
|
||
|
B604F7E000
|
stack
|
page read and write
|
||
|
26458517000
|
heap
|
page read and write
|
||
|
5BF2CFF000
|
stack
|
page read and write
|
||
|
75FD6F9000
|
stack
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
2645850E000
|
heap
|
page read and write
|
||
|
140E0000
|
trusted library allocation
|
page read and write
|
||
|
13A32000
|
trusted library allocation
|
page read and write
|
||
|
206E0730000
|
heap
|
page read and write
|
||
|
AA5B4C7000
|
stack
|
page read and write
|
||
|
22A39D3C000
|
heap
|
page read and write
|
||
|
1D1804C6000
|
trusted library allocation
|
page read and write
|
||
|
1526F9000
|
stack
|
page read and write
|
||
|
226633E0000
|
heap
|
page read and write
|
||
|
4A5A1DE000
|
stack
|
page read and write
|
||
|
830E7F9000
|
stack
|
page read and write
|
||
|
7FFD9B987000
|
trusted library allocation
|
page read and write
|
||
|
13C02000
|
trusted library allocation
|
page read and write
|
||
|
1436000
|
heap
|
page read and write
|
||
|
6BE3189000
|
stack
|
page read and write
|
||
|
152839000
|
stack
|
page read and write
|
||
|
28D118C000
|
stack
|
page read and write
|
||
|
28D04BE000
|
stack
|
page read and write
|
||
|
75FD838000
|
stack
|
page read and write
|
||
|
1CB5B2FC000
|
heap
|
page read and write
|
||
|
E0689FE000
|
stack
|
page read and write
|
||
|
2432E8A0000
|
heap
|
page read and write
|
||
|
2645850A000
|
heap
|
page read and write
|
||
|
264586A0000
|
direct allocation
|
page read and write
|
||
|
20A587D5000
|
heap
|
page read and write
|
||
|
EB8000
|
heap
|
page read and write
|
||
|
14412000
|
trusted library allocation
|
page read and write
|
||
|
C4E81CE000
|
stack
|
page read and write
|
||
|
748859F000
|
unkown
|
page read and write
|
||
|
1304CE20000
|
heap
|
page read and write
|
||
|
7FFD9B98D000
|
trusted library allocation
|
page read and write
|
||
|
201C2BC5000
|
trusted library allocation
|
page read and write
|
||
|
22A39B80000
|
heap
|
page read and write
|
||
|
C4E6E7F000
|
stack
|
page read and write
|
||
|
13CD5000
|
trusted library allocation
|
page read and write
|
||
|
AA59F63000
|
stack
|
page read and write
|
||
|
DE61543000
|
stack
|
page read and write
|
||
|
B604AFF000
|
stack
|
page read and write
|
||
|
1B11F000
|
stack
|
page read and write
|
||
|
2645856C000
|
heap
|
page read and write
|
||
|
22401C8A000
|
heap
|
page read and write
|
||
|
20924394000
|
heap
|
page read and write
|
||
|
20A5A190000
|
heap
|
page read and write
|
||
|
13B9E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B772000
|
trusted library allocation
|
page read and write
|
||
|
2266390D000
|
heap
|
page read and write
|
||
|
4172C3E000
|
stack
|
page read and write
|
||
|
22A39D43000
|
heap
|
page read and write
|
||
|
22CDECD7000
|
heap
|
page read and write
|
||
|
1403D000
|
trusted library allocation
|
page read and write
|
||
|
201C0C35000
|
heap
|
page read and write
|
||
|
35E2000
|
unkown
|
page readonly
|
||
|
AC92179000
|
stack
|
page read and write
|
||
|
6836EFB000
|
stack
|
page read and write
|
||
|
329E000
|
stack
|
page read and write
|
||
|
C4E6EFE000
|
stack
|
page read and write
|
||
|
12DB1000
|
trusted library allocation
|
page read and write
|
||
|
13A09000
|
trusted library allocation
|
page read and write
|
||
|
22661A5A000
|
heap
|
page read and write
|
||
|
11CF000
|
stack
|
page read and write
|
||
|
201C0AD0000
|
heap
|
page read and write
|
||
|
216B3105000
|
heap
|
page read and write
|
||
|
C4E6F79000
|
stack
|
page read and write
|
||
|
13E09000
|
trusted library allocation
|
page read and write
|
||
|
26458554000
|
heap
|
page read and write
|
||
|
722C4FF000
|
unkown
|
page read and write
|
||
|
1202000
|
heap
|
page read and write
|
||
|
2ED6000
|
trusted library allocation
|
page read and write
|
||
|
22A3BCB0000
|
heap
|
page execute and read and write
|
||
|
22A39C60000
|
heap
|
page read and write
|
||
|
7488C79000
|
stack
|
page read and write
|
||
|
7FFD9B816000
|
trusted library allocation
|
page read and write
|
||
|
20924335000
|
heap
|
page read and write
|
||
|
139BB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
1D180227000
|
trusted library allocation
|
page read and write
|
||
|
19CAF7D000
|
stack
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
2645850A000
|
heap
|
page read and write
|
||
|
22A3B660000
|
trusted library allocation
|
page read and write
|
||
|
22CE0DD6000
|
trusted library allocation
|
page read and write
|
||
|
6BE1EFF000
|
unkown
|
page read and write
|
||
|
830E8F9000
|
stack
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B916000
|
trusted library allocation
|
page read and write
|
||
|
2EE1000
|
trusted library allocation
|
page read and write
|
||
|
263F9F8000
|
stack
|
page read and write
|
||
|
14033000
|
trusted library allocation
|
page read and write
|
||
|
1D64000
|
unkown
|
page readonly
|
||
|
B605DCE000
|
stack
|
page read and write
|
||
|
279FFE10000
|
heap
|
page read and write
|
||
|
2A5BEFF000
|
stack
|
page read and write
|
||
|
24330691000
|
trusted library allocation
|
page read and write
|
||
|
131D1000
|
trusted library allocation
|
page read and write
|
||
|
AC9318E000
|
stack
|
page read and write
|
||
|
279FFC60000
|
heap
|
page read and write
|
||
|
24330080000
|
trusted library section
|
page read and write
|
||
|
3F23000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page execute and read and write
|
||
|
14C63300000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
28D00F7000
|
stack
|
page read and write
|
||
|
22004695000
|
trusted library allocation
|
page read and write
|
||
|
264586A3000
|
direct allocation
|
page read and write
|
||
|
C4E707B000
|
stack
|
page read and write
|
||
|
22002658000
|
heap
|
page read and write
|
||
|
1304CDD0000
|
heap
|
page read and write
|
||
|
263F38F000
|
stack
|
page read and write
|
||
|
4172779000
|
stack
|
page read and write
|
||
|
7488513000
|
stack
|
page read and write
|
||
|
4A5A77B000
|
stack
|
page read and write
|
||
|
226633B0000
|
heap
|
page read and write
|
||
|
13D1B000
|
trusted library allocation
|
page read and write
|
||
|
19CB1B8000
|
stack
|
page read and write
|
||
|
13D3B000
|
trusted library allocation
|
page read and write
|
||
|
1304ED0C000
|
heap
|
page read and write
|
||
|
201C09F0000
|
heap
|
page read and write
|
||
|
201C2470000
|
trusted library allocation
|
page read and write
|
||
|
1441000
|
heap
|
page read and write
|
||
|
4A5A679000
|
stack
|
page read and write
|
||
|
13FC3000
|
trusted library allocation
|
page read and write
|
||
|
AC9320E000
|
stack
|
page read and write
|
||
|
11880227000
|
trusted library allocation
|
page read and write
|
||
|
24330560000
|
heap
|
page read and write
|
||
|
140C1000
|
trusted library allocation
|
page read and write
|
||
|
216B30E0000
|
heap
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
13B7F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B826000
|
trusted library allocation
|
page read and write
|
||
|
13C21000
|
trusted library allocation
|
page read and write
|
||
|
AC92279000
|
stack
|
page read and write
|
||
|
DE61FBB000
|
stack
|
page read and write
|
||
|
13AE2000
|
trusted library allocation
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
7FFD9B78B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
13889000
|
trusted library allocation
|
page read and write
|
||
|
13A1F000
|
trusted library allocation
|
page read and write
|
||
|
1CB5B2DD000
|
heap
|
page read and write
|
||
|
B605CCD000
|
stack
|
page read and write
|
||
|
22CE0C35000
|
trusted library allocation
|
page read and write
|
||
|
1B7D0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B926000
|
trusted library allocation
|
page read and write
|
||
|
35F0000
|
heap
|
page read and write
|
||
|
201C2990000
|
heap
|
page read and write
|
||
|
16B6000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page execute and read and write
|
||
|
13EB7000
|
trusted library allocation
|
page read and write
|
||
|
75FD16F000
|
unkown
|
page read and write
|
||
|
20924240000
|
heap
|
page read and write
|
||
|
22A3B5B0000
|
trusted library allocation
|
page read and write
|
||
|
13F21000
|
trusted library allocation
|
page read and write
|
||
|
19CAD7E000
|
stack
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
683707E000
|
stack
|
page read and write
|
||
|
206E08B0000
|
heap
|
page read and write
|
||
|
1D180086000
|
trusted library allocation
|
page read and write
|
||
|
1CB5CD90000
|
trusted library allocation
|
page read and write
|
||
|
6837DCC000
|
stack
|
page read and write
|
||
|
7FFD9B993000
|
trusted library allocation
|
page read and write
|
||
|
36EA000
|
trusted library allocation
|
page read and write
|
||
|
1404A000
|
trusted library allocation
|
page read and write
|
||
|
1929000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
22661A18000
|
heap
|
page read and write
|
||
|
1AAD6269000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
209242B0000
|
heap
|
page read and write
|
||
|
1CF0000
|
unkown
|
page readonly
|
||
|
1200000
|
heap
|
page read and write
|
||
|
1CB5D6CF000
|
trusted library allocation
|
page read and write
|
||
|
75FD67E000
|
stack
|
page read and write
|
||
|
1304CE50000
|
trusted library section
|
page read and write
|
||
|
3629000
|
heap
|
page read and write
|
||
|
4172AB8000
|
stack
|
page read and write
|
||
|
19E5000
|
heap
|
page read and write
|
||
|
2ECE000
|
trusted library allocation
|
page read and write
|
||
|
1ABD0041000
|
heap
|
page read and write
|
||
|
206E08C5000
|
heap
|
page read and write
|
||
|
E22000
|
heap
|
page read and write
|
||
|
B72000
|
stack
|
page read and write
|
||
|
6836DF9000
|
stack
|
page read and write
|
||
|
7FFD9B938000
|
trusted library allocation
|
page read and write
|
||
|
1304E870000
|
trusted library allocation
|
page read and write
|
||
|
8DEE8F9000
|
stack
|
page read and write
|
||
|
830F8C7000
|
stack
|
page read and write
|
||
|
7FFD9B964000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B983000
|
trusted library allocation
|
page read and write
|
||
|
209262C2000
|
trusted library allocation
|
page read and write
|
||
|
19CB2BE000
|
stack
|
page read and write
|
||
|
1AAD6205000
|
heap
|
page read and write
|
||
|
19CAC7F000
|
unkown
|
page read and write
|
||
|
14C65070000
|
trusted library allocation
|
page read and write
|
||
|
1CB5D3A5000
|
trusted library allocation
|
page read and write
|
||
|
18B0000
|
heap
|
page read and write
|
||
|
1304E8B7000
|
heap
|
page execute and read and write
|
||
|
7FFD9B8C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
22A3BAD0000
|
heap
|
page read and write
|
||
|
14C63377000
|
heap
|
page read and write
|
||
|
AA5A479000
|
stack
|
page read and write
|
||
|
201C0B50000
|
trusted library section
|
page read and write
|
||
|
3F0F000
|
trusted library allocation
|
page read and write
|
||
|
19CACFF000
|
stack
|
page read and write
|
||
|
22CDEC98000
|
heap
|
page read and write
|
||
|
830FA4E000
|
stack
|
page read and write
|
||
|
201C0B60000
|
trusted library section
|
page read and write
|
||
|
7488AFD000
|
stack
|
page read and write
|
||
|
22CE0630000
|
trusted library allocation
|
page read and write
|
||
|
26458525000
|
heap
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
||
|
DE61A77000
|
stack
|
page read and write
|
||
|
1B702000
|
heap
|
page execute and read and write
|
||
|
20A5A5F0000
|
heap
|
page execute and read and write
|
||
|
AC9253A000
|
stack
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page execute and read and write
|
||
|
13DAA000
|
trusted library allocation
|
page read and write
|
||
|
22CDEBF0000
|
heap
|
page read and write
|
||
|
1ABD2051000
|
trusted library allocation
|
page read and write
|
||
|
1B9FE000
|
stack
|
page read and write
|
||
|
13910000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
22A39CD0000
|
heap
|
page read and write
|
||
|
22E80084000
|
trusted library allocation
|
page read and write
|
||
|
417390C000
|
stack
|
page read and write
|
||
|
13DEE000
|
trusted library allocation
|
page read and write
|
||
|
13C8D000
|
trusted library allocation
|
page read and write
|
||
|
FC2000
|
unkown
|
page readonly
|
||
|
1920000
|
heap
|
page read and write
|
||
|
13CEB000
|
trusted library allocation
|
page read and write
|
||
|
13864000
|
trusted library allocation
|
page read and write
|
||
|
26458558000
|
heap
|
page read and write
|
||
|
141C6000
|
trusted library allocation
|
page read and write
|
||
|
14004000
|
trusted library allocation
|
page read and write
|
||
|
1304E930000
|
heap
|
page read and write
|
||
|
1ABD2108000
|
trusted library allocation
|
page read and write
|
||
|
28D03B9000
|
stack
|
page read and write
|
||
|
1720000
|
heap
|
page read and write
|
||
|
68367A3000
|
stack
|
page read and write
|
||
|
C4E7178000
|
stack
|
page read and write
|
||
|
2B200001000
|
trusted library allocation
|
page read and write
|
||
|
14012000
|
trusted library allocation
|
page read and write
|
||
|
1CB5CD00000
|
heap
|
page readonly
|
||
|
139CD000
|
trusted library allocation
|
page read and write
|
||
|
13937000
|
trusted library allocation
|
page read and write
|
||
|
206E08B0000
|
heap
|
page read and write
|
||
|
2BF0000
|
heap
|
page execute and read and write
|
||
|
206E0810000
|
heap
|
page read and write
|
||
|
26458551000
|
heap
|
page read and write
|
||
|
ED9000
|
heap
|
page read and write
|
||
|
20924275000
|
heap
|
page read and write
|
||
|
13D7E000
|
trusted library allocation
|
page read and write
|
||
|
141E1000
|
trusted library allocation
|
page read and write
|
||
|
209242F0000
|
heap
|
page read and write
|
||
|
3E37000
|
trusted library allocation
|
page read and write
|
||
|
1AAD83E6000
|
trusted library allocation
|
page read and write
|
||
|
2645851C000
|
heap
|
page read and write
|
||
|
B604CFD000
|
stack
|
page read and write
|
||
|
2645856E000
|
heap
|
page read and write
|
||
|
6BE2279000
|
stack
|
page read and write
|
||
|
1BAFF000
|
stack
|
page read and write
|
||
|
19CC00E000
|
stack
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
216B3080000
|
heap
|
page execute and read and write
|
||
|
20926190000
|
heap
|
page execute and read and write
|
||
|
DE62A0E000
|
stack
|
page read and write
|
||
|
20A5872D000
|
heap
|
page read and write
|
||
|
1CB5D128000
|
heap
|
page read and write
|
||
|
1CB5CD50000
|
heap
|
page read and write
|
||
|
4172BBE000
|
stack
|
page read and write
|
||
|
1AAD7F26000
|
heap
|
page read and write
|
||
|
1420F000
|
trusted library allocation
|
page read and write
|
||
|
1445000
|
heap
|
page read and write
|
||
|
263F3CE000
|
stack
|
page read and write
|
||
|
13A71000
|
trusted library allocation
|
page read and write
|
||
|
13AC2000
|
trusted library allocation
|
page read and write
|
||
|
B60479F000
|
unkown
|
page read and write
|
||
|
26458660000
|
direct allocation
|
page read and write
|
||
|
13E89000
|
trusted library allocation
|
page read and write
|
||
|
13D20000
|
trusted library allocation
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
22663760000
|
trusted library allocation
|
page read and write
|
||
|
14C65B1F000
|
trusted library allocation
|
page read and write
|
||
|
216B4D34000
|
trusted library allocation
|
page read and write
|
||
|
1CB5CDD5000
|
heap
|
page read and write
|
||
|
1AAD8146000
|
trusted library allocation
|
page read and write
|
||
|
264074B000
|
stack
|
page read and write
|
||
|
13C39000
|
trusted library allocation
|
page read and write
|
||
|
74889FF000
|
stack
|
page read and write
|
||
|
201C0BED000
|
heap
|
page read and write
|
||
|
74888FE000
|
stack
|
page read and write
|
||
|
1B21D000
|
stack
|
page read and write
|
||
|
12E80000
|
trusted library allocation
|
page read and write
|
||
|
20924100000
|
heap
|
page read and write
|
||
|
3E79000
|
trusted library allocation
|
page read and write
|
||
|
22CE0B60000
|
heap
|
page execute and read and write
|
||
|
11BF000
|
stack
|
page read and write
|
||
|
13946000
|
trusted library allocation
|
page read and write
|
||
|
830EBFE000
|
stack
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
F80000
|
unkown
|
page readonly
|
||
|
13C25000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B94C000
|
trusted library allocation
|
page read and write
|
||
|
12C07000
|
trusted library allocation
|
page read and write
|
||
|
97A5BFE000
|
stack
|
page read and write
|
||
|
1438000
|
heap
|
page read and write
|
||
|
3739000
|
trusted library allocation
|
page read and write
|
||
|
144D6DEA000
|
heap
|
page read and write
|
||
|
24330110000
|
heap
|
page read and write
|
||
|
7FFD9B928000
|
trusted library allocation
|
page read and write
|
||
|
AC923BE000
|
stack
|
page read and write
|
||
|
AC91DCF000
|
unkown
|
page read and write
|
||
|
830E87E000
|
stack
|
page read and write
|
||
|
75FD1EF000
|
stack
|
page read and write
|
||
|
41726FE000
|
stack
|
page read and write
|
||
|
7FFD9B93C000
|
trusted library allocation
|
page read and write
|
||
|
3EFD000
|
trusted library allocation
|
page read and write
|
||
|
1343C000
|
trusted library allocation
|
page read and write
|
||
|
12E50000
|
trusted library allocation
|
page read and write
|
||
|
1304E820000
|
trusted library allocation
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
13868000
|
trusted library allocation
|
page read and write
|
||
|
131CE000
|
trusted library allocation
|
page read and write
|
||
|
13F9F000
|
trusted library allocation
|
page read and write
|
||
|
22002760000
|
trusted library allocation
|
page read and write
|
||
|
1BCFE000
|
stack
|
page read and write
|
||
|
B605C4C000
|
stack
|
page read and write
|
||
|
14C63375000
|
heap
|
page read and write
|
||
|
2645AF43000
|
direct allocation
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
75FD0E3000
|
stack
|
page read and write
|
||
|
2645852C000
|
heap
|
page read and write
|
||
|
830E3CE000
|
stack
|
page read and write
|
||
|
19CAFF9000
|
stack
|
page read and write
|
||
|
AC921FE000
|
stack
|
page read and write
|
||
|
7FFD9B927000
|
trusted library allocation
|
page read and write
|
||
|
14417000
|
trusted library allocation
|
page read and write
|
||
|
1ABD0045000
|
heap
|
page read and write
|
||
|
AC9207F000
|
stack
|
page read and write
|
||
|
13731000
|
trusted library allocation
|
page read and write
|
||
|
1528BE000
|
stack
|
page read and write
|
||
|
226633E5000
|
heap
|
page read and write
|
||
|
140C0000
|
trusted library allocation
|
page read and write
|
||
|
1ABD1F70000
|
heap
|
page execute and read and write
|
||
|
13074000
|
trusted library allocation
|
page read and write
|
||
|
11CF000
|
stack
|
page read and write
|
||
|
B605D4C000
|
stack
|
page read and write
|
||
|
B604DF6000
|
stack
|
page read and write
|
||
|
1527B7000
|
stack
|
page read and write
|
||
|
14C63371000
|
heap
|
page read and write
|
||
|
220025A0000
|
trusted library allocation
|
page read and write
|
||
|
13AF4000
|
trusted library allocation
|
page read and write
|
||
|
13520000
|
trusted library allocation
|
page read and write
|
||
|
14B8000
|
heap
|
page read and write
|
||
|
1008000
|
heap
|
page read and write
|
||
|
142D000
|
heap
|
page read and write
|
||
|
1AAD80B0000
|
heap
|
page execute and read and write
|
||
|
307C000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
14C63495000
|
heap
|
page read and write
|
||
|
5BF33BB000
|
stack
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
1ABD01A0000
|
trusted library allocation
|
page read and write
|
||
|
19CBE8E000
|
stack
|
page read and write
|
||
|
140F5000
|
trusted library allocation
|
page read and write
|
||
|
1304CE9D000
|
heap
|
page read and write
|
||
|
14C64C70000
|
trusted library allocation
|
page read and write
|
||
|
13DD8000
|
trusted library allocation
|
page read and write
|
||
|
3086000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
3EF3000
|
trusted library allocation
|
page read and write
|
||
|
3839000
|
trusted library allocation
|
page read and write
|
||
|
830F7CE000
|
stack
|
page read and write
|
||
|
5BF30B8000
|
stack
|
page read and write
|
||
|
20924280000
|
trusted library section
|
page read and write
|
||
|
75FD9BF000
|
stack
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
1304CEAB000
|
heap
|
page read and write
|
||
|
2432E8D0000
|
heap
|
page read and write
|
||
|
201C0BFB000
|
heap
|
page read and write
|
||
|
13E6F000
|
trusted library allocation
|
page read and write
|
||
|
22CDEC40000
|
heap
|
page read and write
|
||
|
144ED000
|
trusted library allocation
|
page read and write
|
||
|
1AAD82E6000
|
trusted library allocation
|
page read and write
|
||
|
1ABD1FC0000
|
trusted library allocation
|
page read and write
|
||
|
1710000
|
heap
|
page execute and read and write
|
||
|
20A58690000
|
heap
|
page read and write
|
||
|
28D007E000
|
stack
|
page read and write
|
||
|
41723DF000
|
unkown
|
page read and write
|
||
|
140A5000
|
trusted library allocation
|
page read and write
|
||
|
1CB5B346000
|
heap
|
page read and write
|
||
|
26458554000
|
heap
|
page read and write
|
||
|
22002615000
|
heap
|
page read and write
|
||
|
1434000
|
heap
|
page read and write
|
||
|
209262A0000
|
heap
|
page execute and read and write
|
||
|
22CDED16000
|
heap
|
page read and write
|
||
|
209242FC000
|
heap
|
page read and write
|
||
|
13C39000
|
trusted library allocation
|
page read and write
|
||
|
220026C7000
|
heap
|
page read and write
|
||
|
3600000
|
unkown
|
page readonly
|
||
|
7488CFA000
|
stack
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
2645854D000
|
heap
|
page read and write
|
||
|
1C010000
|
heap
|
page read and write
|
||
|
22CE0610000
|
trusted library allocation
|
page read and write
|
||
|
206E08C0000
|
heap
|
page read and write
|
||
|
13AFF000
|
trusted library allocation
|
page read and write
|
||
|
14C64C50000
|
trusted library allocation
|
page read and write
|
||
|
7488979000
|
stack
|
page read and write
|
||
|
EB6000
|
heap
|
page read and write
|
||
|
28D023E000
|
stack
|
page read and write
|
||
|
13E7F000
|
trusted library allocation
|
page read and write
|
||
|
144B1000
|
trusted library allocation
|
page read and write
|
||
|
216B30E5000
|
heap
|
page read and write
|
||
|
1304CF55000
|
heap
|
page read and write
|
||
|
1CF2000
|
unkown
|
page readonly
|
||
|
4A5B8CE000
|
stack
|
page read and write
|
||
|
1304CE60000
|
heap
|
page read and write
|
||
|
830E67E000
|
unkown
|
page read and write
|
||
|
206E0830000
|
heap
|
page read and write
|
There are 1772 hidden memdumps, click here to show them.